urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.13.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRz...
Effective URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Submission: On September 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 13 domains to perform 60 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.223.233.247 (United States)

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com
e.newyorktimes.com
17    151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.nytimes.com
mwcm.nyt.com
1    2a02:26f0:eb:381::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    151.101.193.164 (United States)

ASN54113 (FASTLY, US)
cigsvc.nytimes.com
1    184.31.84.31 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-84-31.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a1.nyt.com
7    2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.nytimes.com
a.et.nytimes.com
1    184.30.223.23 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-223-23.deploy.static.akamaitechnologies.com
a3013110282.cdn.optimizely.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    104.108.38.55 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-38-55.deploy.static.akamaitechnologies.com
c.oracleinfinity.io
2    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
5290727.fls.doubleclick.net
2    178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    130.61.67.95 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)
dc.oracleinfinity.io
5    2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
2    3.220.69.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-69-124.compute-1.amazonaws.com
logx.optimizely.com
4    2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
lpcdn.lpsnmedia.net
3    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
2    52.44.120.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-120-108.compute-1.amazonaws.com
collectors.sumologic.com
Domain Requested by
15 mwcm.nyt.com www.nytimes.com
mwcm.nyt.com
lpcdn.lpsnmedia.net
5 accdn.lpsnmedia.net lptag.liveperson.net
5 a.et.nytimes.com www.nytimes.com
4 lpcdn.lpsnmedia.net lptag.liveperson.net
4 c.oracleinfinity.io www.googletagmanager.com
c.oracleinfinity.io
3 va.v.liveperson.net lptag.liveperson.net
2 collectors.sumologic.com mwcm.nyt.com
2 logx.optimizely.com cdn.optimizely.com
2 dc.oracleinfinity.io c.oracleinfinity.io
2 lptag.liveperson.net www.nytimes.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.nytimes.com mwcm.nyt.com
a1.nyt.com
2 www.nytimes.com cdn.optimizely.com
1 www.google.de www.nytimes.com
1 www.google.com www.nytimes.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com a1.nyt.com
1 a3013110282.cdn.optimizely.com cdn.optimizely.com
1 a1.nyt.com www.nytimes.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cigsvc.nytimes.com cdn.optimizely.com
1 cdn.optimizely.com www.nytimes.com
1 e.newyorktimes.com 1 redirects
60 24
Subject Issuer Validity Valid
nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-04-06		 2 years crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2020-03-05 -
2021-06-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
a.et.nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2022-11-16		 2 years crt.sh
c.oracleinfinity.io
DigiCert Secure Site ECC CA-1		 2020-07-24 -
2021-02-06		 6 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.liveperson.net
COMODO RSA Organization Validation Secure Server CA		 2017-12-17 -
2020-12-16		 3 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
dc.oracleinfinity.io
DigiCert SHA2 Secure Server CA		 2020-07-07 -
2021-09-05		 a year crt.sh
*.lpsnmedia.net
COMODO RSA Organization Validation Secure Server CA		 2018-02-26 -
2021-02-25		 3 years crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-10-01 -
2020-10-05		 2 years crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2020-04-13 -
2022-04-13		 2 years crt.sh
service.sumologic.com
GeoTrust EV RSA CA 2018		 2020-02-21 -
2022-02-20		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.nytimes.com/subscription?campaignId=9XHRL
Frame ID: AFC6099078513D1D3EF794CCF5136B5A
Requests: 56 HTTP requests in this frame

Frame: https://a3013110282.cdn.optimizely.com/client_storage/a3013110282.html
Frame ID: E2B05877A6158933B2243BFBE0417F8D
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL
Frame ID: 59AB831CEF8A5E7B6B37A6B21AAC1FA1
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Frame ID: 76D475BF20D8CA62B2F5BAB02B01C926
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2... HTTP 302
    https://www.nytimes.com/subscription?campaignId=9XHRL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers vary /Fastly-SSL/i

Page Statistics

60
Requests

100 %
HTTPS

41 %
IPv6

13
Domains

24
Subdomains

21
IPs

6
Countries

758 kB
Transfer

2040 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCWY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2QIx1r4IUMwOF0fSGcxRniUy5W6mjfdemm_FfyFhzsb2M7jkEmpzTHnqLEU7m0hibosm2nBCNrxpARkKGv5ohZNinm4pK8cfzTI_szAa5gCQ5w0.&_di_=c8d18mkrjf3nr369iv6r63jdq3jsvmb53se9bpc5v870c946ud7g HTTP 302
    https://www.nytimes.com/subscription?campaignId=9XHRL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request subscription
www.nytimes.com/
Redirect Chain
  • https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCWY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2Q...
  • https://www.nytimes.com/subscription?campaignId=9XHRL
35 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5e00ed246aff437decd9de86cefea27b3a46ac5bb7c9af06033d05da55490ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/subscription?campaignId=9XHRL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
expires
0
pragma
no-cache
server
nginx
x-magnolia-vary
x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency
x-origin-time
2020-09-18 20:02:40 UTC
accept-ranges
bytes bytes
age
0 0
date
Fri, 18 Sep 2020 20:02:40 GMT
x-served-by
cache-fra19135-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1600459360.893400,VS0,VE433
vary
Accept-Encoding, x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency, Fastly-SSL
set-cookie
nyt-a=bYTvdfBpGCHMZRg4SkAnlE; Expires=Sat, 18 Sep 2021 20:02:40 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Sat, 19 Sep 2020 02:02:40 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhu; Expires=Sat, 18 Sep 2021 20:02:40 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure
access-control-allow-origin
*
access-control-allow-credentials
true
x-gdpr
1
x-frame-options
DENY
onion-location
https://www.nytimes3xbfgragh.onion/subscription?campaignId=9XHRL
x-api-version
F-X
x-nyt-route
mwcm
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=2592000
content-length
8916

Redirect headers

Date
Fri, 18 Sep 2020 20:02:39 GMT
Server
Apache
P3P
policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Cache-Control
no-store, no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCWY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2QIx1r4IUMwOF0fSGcxRniUy5W6mjfdemm_FfyFhzsb2M7jkEmpzTHnqLEU7m0hibosm2nBCNrxpARkKGv5ohZNinm4pK8cfzTI_szAa5gCQ5w0; expires=Sun, 18-Sep-2022 20:02:39 GMT; Domain=.newyorktimes.com; Path=/pub; HttpOnly
Location
https://www.nytimes.com/subscription?campaignId=9XHRL
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
common.js
mwcm.nyt.com/.resources/mkt-wcm/dist/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c7c580276590fdeb9c8b2c37acb0b608ed7616a28684fd49ba71d1cce69da1a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
178693
x-cache
HIT
status
200
content-length
39406
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459360.364157,VS0,VE0
x-origin-server
mwcm-pub-est06.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
4
main.js
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/js/src/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/js/src/main.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a03933dcd96c80f04123e26cff9ddd9e299afc1bafcf6a53978292bdd68016f2

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
178693
x-cache
HIT
status
200
content-length
3249
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459360.364120,VS0,VE0
x-origin-server
mwcm-pub-est01.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/ 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56aa230966ead3adaba574f6d964fa46a85b751f986b0fc591a0e9be9bb5b764

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
178694
x-cache
HIT
status
200
content-length
6518
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459360.364167,VS0,VE0
x-origin-server
mwcm-pub-est10.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
landing_prod.js
cdn.optimizely.com/public/3013110282/s/ 		528 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:381::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb40dcfb7ef18e2fa5cb35a6476af8ebc3f87304d9804e28029469cb1541802f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
w3nF_AeJcLLpUrAnjFdFkXghE_WlZgyq
content-encoding
gzip
etag
"703a789544c2892ea9f57be9d1b8ae5e"
x-amz-request-id
8D54E8B996FB1E4D
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:eb:381::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
147799
x-amz-id-2
MN4SG2Jtj/welVpuSosWGnRcXFjg/BDhJKinp3hYgwjKvjqbCPE8ltAw2LAbvd71oTkzR76o4VA=
last-modified
Thu, 10 Sep 2020 17:28:46 GMT
server
AmazonS3
date
Fri, 18 Sep 2020 20:02:40 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
60979
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
logo-nyt-header.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo-nyt-header.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
189daf39387aadcc9db7650ee0e9108322ba7c424590a9aa9b019a547e0e45ca

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
178702
x-cache
HIT
status
200
content-length
2553
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459360.422280,VS0,VE0
x-origin-server
mwcm-pub-est08.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
logo_nyt_white.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo_nyt_white.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e02571635abb0e6cc008ad440ed3ce325f28caf7be8278cdfaf068747c31e58

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
178693
x-cache
HIT
status
200
content-length
1948
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459360.436221,VS0,VE0
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
615
userinfo-v3.json
www.nytimes.com/svc/web-products/ 		145 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/svc/web-products/userinfo-v3.json
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
c19b6adf80edcb04e5451d872f42cf8ddc57d4bc5f4902a9bdc267a85408ccfb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
x-api-version
F-X
x-cache
HIT
status
200
content-length
145
x-served-by
cache-fra19135-FRA
server
Varnish
strict-transport-security
max-age=2592000
onion-location
https://www.nytimes3xbfgragh.onion/svc/web-products/userinfo-v3.json
content-type
application/json
x-gdpr
1
x-nyt-route
service
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
retry-after
0
x-cache-hits
0
ip_seg_v2.rep
cigsvc.nytimes.com/r1/jp/ 		170 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?jsoncallback=callback
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
x-timer
S1600459361.621009,VS0,VE196
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript;charset=UTF-8
status
200
expires
0
cache-control
no-cache, no-cache="set-cookie"
x-cache-hits
0
accept-ranges
bytes
content-length
170
x-served-by
cache-cph20634-CPH
geo2.js
cdn3.optimizely.com/js/ 		292 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.31 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-84-31.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06c8f9624b28e821014394a4dd6ee9e2da2f70c69abd5c0293c6b418587d46ec

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
CY3T1GEKFPBR2WFG
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=25483
Date
Fri, 18 Sep 2020 20:02:40 GMT
Connection
keep-alive
Content-Length
292
x-amz-id-2
4p3xG9P4SZnn1BfBwoqcRFPfuXxfrLunZzItGAXJrR0FlBNrKv+kYwd2jmRUZ89Jua3FoW2X+KI=
json-kidd.min.js
a1.nyt.com/analytics/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/json-kidd.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=hu1QRw==, md5=tk0OvQQ1nPA6XjE4ox+k5g==
date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
67754
x-guploader-uploadid
ABg5-UwIiFX6oPAXdpj1lrc_u-3alqXNkY5sI7xp96aCEG68Rgs7SKcFjrTzPXBM9UwPL6A-FIggL1guDB4a2UW_sA
x-cache
HIT
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
44076
via
1.1 varnish
x-served-by
cache-hhn4076-HHN
accept-ranges
bytes
expires
Fri, 18 Sep 2020 01:13:24 GMT
last-modified
Thu, 27 Aug 2020 19:39:32 GMT
server
UploadServer
x-timer
S1600459361.638146,VS0,VE0
etag
"b64d0ebd04359cf03a5e3138a31fa4e6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1598557172966603
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
182146
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
139
52c4d302fc074552840a75b3f23f1c6a.jpg
mwcm.nyt.com/.resources/mkt-wcm/dist/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/52c4d302fc074552840a75b3f23f1c6a.jpg
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e391f0ccab9cec1bb5dbd6268a5783c6b461f12e5ab6e6c38b9af5759499db9f

Request headers

Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
177106
x-cache
HIT
status
200
content-length
42522
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.572457,VS0,VE1
content-type
image/jpeg;charset=UTF-8
x-origin-server
mwcm-pub-est09.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
nyt-franklin-700-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-700-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178693
x-cache
HIT
status
200
content-length
29504
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.637914,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est05.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1817
nyt-cheltenham-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-500-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178693
x-cache
HIT
status
200
content-length
32532
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.637913,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est08.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
nyt-franklin-600-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178693
x-cache
HIT
status
200
content-length
48566
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.637873,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est03.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
nyt-cheltenham-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-300-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178693
x-cache
HIT
status
200
content-length
16844
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.637864,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
index.min.js
mwcm.nyt.com/dam/jcr:2f7f1814-9b49-47cb-b0c7-600c47215280/ 		897 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/dam/jcr:2f7f1814-9b49-47cb-b0c7-600c47215280/index.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90068b0156a6a9c28ceee8051d732974b8e78b7c17312d9550c3c4b11c97b1a6

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
age
194346
x-cache
HIT
status
200
content-length
441
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Fri, 21 Aug 2020 14:40:11 GMT
server
nginx
x-timer
S1600459361.682148,VS0,VE0
x-origin-server
mwcm-pub-est10.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
data-layer
a.nytimes.com/svc/nyt/ 		950 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
043fb30d73219f31231dad21169cd818576932c5dfc72ab47c2123af70c06a1c

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:41 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
08c17f659fb244189424d2f8f63eb39e
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
487
expires
Fri, 18 Sep 2020 20:02:41 GMT
nyt-franklin-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-300-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178692
x-cache
HIT
status
200
content-length
29448
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.695795,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est06.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
4
a3013110282.html
a3013110282.cdn.optimizely.com/client_storage/ Frame E2B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a3013110282.cdn.optimizely.com/client_storage/a3013110282.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.223.23 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-223-23.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a3013110282.cdn.optimizely.com
:scheme
https
:path
/client_storage/a3013110282.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL

Response headers

status
200
x-amz-id-2
NF/ANPlFq8fv29UJeyDgHdKh9F2AvYRYaOrfRc6vFUj7TmVip+OSHXSnEIDRCISqTiopXqD2E14=
x-amz-request-id
C2D69492217370A8
x-amz-replication-status
COMPLETED
last-modified
Thu, 10 Sep 2020 17:28:16 GMT
etag
"200dc081a36c1137914a37d37fb3c17f"
x-amz-server-side-encryption
AES256
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
EwaW4ewuCcBXaz7i87l9bLZm8sYlQEPW
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
843
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=120
date
Fri, 18 Sep 2020 20:02:40 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="184.30.223.23";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
nyt-franklin-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-500-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
via
1.1 varnish
age
178693
x-cache
HIT
status
200
content-length
29324
x-served-by
cache-fra19138-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600459361.733146,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est03.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
4
gtm.js
www.googletagmanager.com/ 		356 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b4d7c9376884da0681b51381e823cab80641db592b81582b94f64ea23eda233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
br
vary
*
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82225
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
data-layer
a.nytimes.com/svc/nyt/ 		995 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&jkcb=1600459360719
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0aabec1c8233303998810d4fff37af5f57d4ce8b8ff00d66e4006ceca53f00cc

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:40 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
d0c47b55e4f07da0352661e8d5792ff6
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
514
expires
Fri, 18 Sep 2020 20:02:40 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
odc.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:02:40 GMT
Content-Encoding
gzip
Content-MD5
1EDP6vOJ/5leSnMJcbt5ww==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
10998
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:h2ywY_V5HEntmb5HsspZFyiOfODLHfcmvUrbAv6DUwjIXh-GREKJVTPvIclvoNdb
x-api-id
native
ETag
a127ca8e-29c4-4e59-864c-7de71c0592d5
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
454af658-eba1-49cc-82fb-e7f7fe05532c
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:02:40 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5339
date
Fri, 18 Sep 2020 18:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 18 Sep 2020 20:33:41 GMT
activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10...
5290727.fls.doubleclick.net/ Frame 59AB
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYT...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Sep 2020 20:02:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
490
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 18-Sep-2020 20:17:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Sep 2020 20:02:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJDaw92_8-sCFbFB5QodDMkDBg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1404652734466;gtm=2wg990;auiddc=1393431047.1600459361;u4=;u5=;u6=;u7=bYTvdfBpGCHMZRg4SkAnlE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
tag.js
lptag.liveperson.net/tag/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:41 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/j/ 		2 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1498469916&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=462269343&gjid=190865555&cid=1522476278.1600459361&tid=UA-58630905-1&_gid=230349703.1600459361&_r=1&gtm=2wg990WF9QCL2&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL&cd3=%3FcampaignId%3D9XHRL&cd9=&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd37=0&cd42=MOPS&cd43=&cd44=&cd45=&cd46=&cd48=null&cd49=blurb_under_100&cd52=&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd109=0&cd110=0&cd111=0&cd112=0&cd113=0&cd122=0&cd123=0&cd124=0&cd125=0&cd126=0&cd127=0&cd138=0&cd139=0&cd141=0&cd142=0&cd143=0&cd144=0&cd145=0&cd146=0&cd147=0&cd148=0&cd162=0&cd163=0&z=1403100373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:02:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-58630905-1&cid=1522476278.1600459361&jid=462269343&gjid=190865555&_gid=230349703.1600459361&_u=YEBAAEAAAAAAAC~&z=506838045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Sep 2020 20:02:40 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-1&cid=1522476278.1600459361&jid=462269343&_u=YEBAAEAAAAAAAC~&z=1047562838
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-1&cid=1522476278.1600459361&jid=462269343&_u=YEBAAEAAAAAAAC~&z=1047562838
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics-production.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:02:40 GMT
Content-Encoding
gzip
Content-MD5
qnF0/5dScUlTxy1fgptUSg==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1429
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:uohTjxKAX9Iw-8gLxanfpGYERrG_iXItDNtAPNuZ-APTTcQC5yLddUHSOyAmscbh
x-api-id
native
ETag
bce2d2d6-0bcc-4034-ada0-181fcce0d61d
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
af0c379b-abd4-44f3-984d-c815e20cc683
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:02:40 GMT
common.js
c.oracleinfinity.io/acs/common/js/1.3.37/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:02:41 GMT
Content-Encoding
gzip
Content-MD5
i3lzre/Ca4wN1pXfrk1n9w==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
11579
Pragma
no-cache
Last-Modified
Sat, 11 Jul 2020 02:07:25 GMT
opc-request-id
iad-1:C1cgluLzpOccdCGh5B1c2ngxVl7QWD0TJv9qKQUr8u6Z9cfRmnlcEoShwxzGMrKY
x-api-id
native
ETag
9e584f22-eda0-480e-8f51-7abe4ffee9fe
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
d5e20d9f-cf77-4a6c-ab0c-a76641532980
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:02:41 GMT
analytics.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/analytics.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:02:41 GMT
Content-Encoding
gzip
Content-MD5
D3HHo8Mh9wet2GpeS+FoTg==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
7914
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:v83xgDMMO91QGbc6j7xmHWIlLBh4kl2IyD-ggN1PyCAVlyKR4mFvDnAjGLjKYeIF
x-api-id
native
ETag
ffd6a78f-0caa-490f-98b5-72af30429ab6
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
035a888c-cf65-4f86-ab79-775e4f6d7e8d
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:02:41 GMT
wtid.js
dc.oracleinfinity.io/cialth61ui/ 		189 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc.oracleinfinity.io/cialth61ui/wtid.js?callback=ORA.analytics.dcsRef.dcsGetIdCallback
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
d350f07eca36f36a217192de9afd7d817c629aba16b2461ca8b60449a1e4302d

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Sep 2020 20:02:41 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/plain
Content-Length
189
Expires
-1
.jsonp
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 		250 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
d119100a00e3274a9ca1f3d64c1a587801bd134e5c61082d46b7acedaf858483

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:41 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
/
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb4905x96466
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
6dcc78e10bf6d17cde54ef2107ee180c59669244bdeebfffe6a22e0fa18f88ba

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:41 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:03:41 GMT
zones
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
72246aeab063f977bdf850bcb9c6513cc79d5c61ff322b6bdef9edadee923dd1

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:41 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:03:41 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
events
logx.optimizely.com/v1/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.69.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-69-124.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 18 Sep 2020 20:02:41 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
a557d364-3356-4806-a46c-d7c6fd79e2f2
dcs.gif
dc.oracleinfinity.io/cialth61ui/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.oracleinfinity.io/cialth61ui/dcs.gif?wt.tx_e=v&wt.si_n=Subscribe%20Flow&wt.si_x=1&wt.si_p=Offer%20View&wt.pn_sku=Basic%20Digital%20Access&wt.z_offerchain_id=XPASS&asset.url=https://www.nytimes.com/subscription&a14dv=1&dcsdat=1600459361512&dcssip=www.nytimes.com&dcsuri=/subscription&wt.tz=2&wt.bh=22&wt.ul=en-US&wt.cd=24&wt.sr=1600x1200&wt.jo=No&wt.ti=The%20New%20York%20Times:%20Digital%20and%20Home%20Delivery%20Subscriptions&wt.js=Yes&wt.bs=1600x1200&wt.dl=0&wt.ssl=1&wt.es=www.nytimes.com/subscription&campaignid=9XHRL&wt.tv=1.0.4&wt.ce=1&wt.vtid=e29b21df-7c07-46be-ac7e-ea970ea818c8&wt.co_f=e29b21df-7c07-46be-ac7e-ea970ea818c8&wt.vt_f=1&ora.tag_id=main&ora.tag_config=production
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Sep 2020 20:02:41 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
-1
events
logx.optimizely.com/v1/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.69.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-69-124.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 18 Sep 2020 20:02:42 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
18453319-7adf-42a6-8f1f-6904af2638d4
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ Frame 76D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL

Response headers

status
200
date
Fri, 18 Sep 2020 20:02:43 GMT
content-type
text/html
last-modified
Mon, 30 Mar 2020 14:49:28 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Fri, 18 Sep 2020 20:12:43 GMT
cache-control
max-age=600
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.js?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&force=1&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 14:49:28 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:12:43 GMT
17743901
va.v.liveperson.net/api/js/ 		623 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?&cb=lpCb89883x1997&t=sp&ts=1600459361225&pid=7570587998&tid=1696309551&pt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&u=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
1327f56e6a5a770999c2cce840ce58e240b38bb5aae20b03d2691f997ef28168

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
overlay.js
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/overlay.js?_v=3.42.0.2-release_5022
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Aug 2020 12:50:18 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:12:43 GMT
UISuite.js
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Aug 2020 12:50:18 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:12:43 GMT
2704
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/2704?v=3.0&cb=lp1896709630&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
2
expires
Fri, 18 Sep 2020 20:03:24 GMT
/
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb75542x20482
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
948a401e8e1c2d2612a6940e40788487eba43da17c669d57ee1a0cc21670c957

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:03:41 GMT
17743901
va.v.liveperson.net/api/js/ 		111 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?sid=gKpmeo8oQ4mp0rguAd-odw&cb=lpCb20360x78773&t=pl&ts=1600459363381&pid=7570587998&tid=1696309551&vid=k2YzcwMjdlNTIxMjY4NjI2
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
29fe447c3d90e96e334eaa899f1094042b75bd43a4e6870c0d6947685ac664cb

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:44 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
42828914
accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/42828914?cb=lpCb93214x10610
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
4dba342f60ae1fd3e6f60289f04236b43c4ef513a95a933161059be52e335789

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:43 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:03:43 GMT
chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:44 GMT
content-encoding
gzip
age
202741
x-cache
HIT
status
200
content-length
1285
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Mon, 19 Nov 2018 21:42:25 GMT
server
nginx
x-timer
S1600459364.026045,VS0,VE1
x-origin-server
mwcm-pub-est01.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:44 GMT
content-encoding
gzip
age
202741
x-cache
HIT
status
200
content-length
1285
x-served-by
cache-fra19135-FRA
access-control-allow-origin
*
last-modified
Mon, 19 Nov 2018 21:42:25 GMT
server
nginx
x-timer
S1600459364.061001,VS0,VE0
x-origin-server
mwcm-pub-est01.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
17743901
va.v.liveperson.net/api/js/ 		41 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?sid=gKpmeo8oQ4mp0rguAd-odw&cb=lpCb3955x16068&t=uc&ts=1600459364045&pid=7570587998&tid=1696309551&vid=k2YzcwMjdlNTIxMjY4NjI2&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1896709130%2C%22engId%22%3A1896709630%2C%22revision%22%3A2704%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
61c22e395552df71f3369197e12b8512081c4ec7b9ec3b27afbb146861a83a63

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:02:44 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==
collectors.sumologic.com/receiver/v1/http/ 		0
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.120.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-120-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Sumo-Name
Frontend Monitoring
X-Sumo-Category
mwcm-prd
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
X-Sumo-Host
https://mwcm-pub.prd.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Sep 2020 20:02:46 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
Content-Length
0
X-XSS-Protection
1; mode=block
ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==
collectors.sumologic.com/receiver/v1/http/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent
Protocol
HTTP/1.1
Server
52.44.120.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-120-108.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-sumo-category,x-sumo-host,x-sumo-name
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 18 Sep 2020 20:02:46 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,HEAD,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin,Content-Encoding,X-Sumo-Host,X-Sumo-Category,X-Sumo-Name,X-Sumo-Client,X-Sumo-Metadata,X-Sumo-Dimensions
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=15552000
Allow
GET, HEAD, POST, PUT, TRACE, OPTIONS
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer undefined| _ object| optly_events object| optimizely object| NYToptly object| script object| observer object| webpackJsonpMarketing object| Marketing object| SLLogger function| SumoLogger object| NYTD function| run function| safelyCollectKeyweeEvent function| trackMethod function| head object| global undefined| provide undefined| require function| $ undefined| ender object| ns_ object| TAGX object| google_tag_manager function| postscribe function| nyt_et object| nytAnalytics function| initLivePerson object| lpTag string| campaignParams object| campaignParamsRegex function| campaignParamCompare function| getSrcParamValuesMap function| getValueWithDefault function| getQueryMap function| getCampaignMapping object| google_tag_data string| GoogleAnalyticsObject function| ga object| opty_payload undefined| jkidd_data_user_tracking object| dl_user object| gaplugins object| gaGlobal object| gaData object| ORA function| _typeof function| _extends object| proxyless object| lpMTagConfig

14 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1600459361237&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/ Name: walley_gid
Value: GA1.2.230349703.1600459361
www.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: _gcl_au
Value: 1.1.1393431047.1600459361
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: _gat_UA-58630905-1
Value: 1
.nytimes.com/ Name: walley
Value: GA1.2.1522476278.1600459361
.nytimes.com/ Name: optimizelyEndUserId
Value: oeu1600459360486r0.6574570491849263
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhu
.nytimes.com/ Name: nyt-gdpr
Value: 1
.nytimes.com/ Name: nyt-a
Value: bYTvdfBpGCHMZRg4SkAnlE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
a3013110282.cdn.optimizely.com
accdn.lpsnmedia.net
c.oracleinfinity.io
cdn.optimizely.com
cdn3.optimizely.com
cigsvc.nytimes.com
collectors.sumologic.com
dc.oracleinfinity.io
e.newyorktimes.com
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mwcm.nyt.com
stats.g.doubleclick.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nytimes.com
104.108.38.55
130.61.67.95
151.101.113.164
151.101.13.164
151.101.193.164
162.223.233.247
178.249.101.23
184.30.223.23
184.31.84.31
208.89.12.87
216.58.212.134
2a00:1450:4001:801::2013
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:819::2004
2a00:1450:4001:820::200e
2a00:1450:400c:c09::9a
2a02:26f0:eb:381::13b8
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
3.220.69.124
52.44.120.108
043fb30d73219f31231dad21169cd818576932c5dfc72ab47c2123af70c06a1c
06c8f9624b28e821014394a4dd6ee9e2da2f70c69abd5c0293c6b418587d46ec
0aabec1c8233303998810d4fff37af5f57d4ce8b8ff00d66e4006ceca53f00cc
1327f56e6a5a770999c2cce840ce58e240b38bb5aae20b03d2691f997ef28168
189daf39387aadcc9db7650ee0e9108322ba7c424590a9aa9b019a547e0e45ca
1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097
29fe447c3d90e96e334eaa899f1094042b75bd43a4e6870c0d6947685ac664cb
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
4dba342f60ae1fd3e6f60289f04236b43c4ef513a95a933161059be52e335789
56aa230966ead3adaba574f6d964fa46a85b751f986b0fc591a0e9be9bb5b764
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61c22e395552df71f3369197e12b8512081c4ec7b9ec3b27afbb146861a83a63
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1
6b4d7c9376884da0681b51381e823cab80641db592b81582b94f64ea23eda233
6dcc78e10bf6d17cde54ef2107ee180c59669244bdeebfffe6a22e0fa18f88ba
72246aeab063f977bdf850bcb9c6513cc79d5c61ff322b6bdef9edadee923dd1
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197
7c7c580276590fdeb9c8b2c37acb0b608ed7616a28684fd49ba71d1cce69da1a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90068b0156a6a9c28ceee8051d732974b8e78b7c17312d9550c3c4b11c97b1a6
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805
948a401e8e1c2d2612a6940e40788487eba43da17c669d57ee1a0cc21670c957
97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9e02571635abb0e6cc008ad440ed3ce325f28caf7be8278cdfaf068747c31e58
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786
a03933dcd96c80f04123e26cff9ddd9e299afc1bafcf6a53978292bdd68016f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
c19b6adf80edcb04e5451d872f42cf8ddc57d4bc5f4902a9bdc267a85408ccfb
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d119100a00e3274a9ca1f3d64c1a587801bd134e5c61082d46b7acedaf858483
d350f07eca36f36a217192de9afd7d817c629aba16b2461ca8b60449a1e4302d
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0
d5e00ed246aff437decd9de86cefea27b3a46ac5bb7c9af06033d05da55490ce
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e391f0ccab9cec1bb5dbd6268a5783c6b461f12e5ab6e6c38b9af5759499db9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0
eb40dcfb7ef18e2fa5cb35a6476af8ebc3f87304d9804e28029469cb1541802f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8