urlscan.io logo urlscan.io
SecurityTrails logo

myaccount.nytimes.com Open in urlscan Pro
151.101.13.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4Td...
Effective URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.c...
Submission: On April 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is myaccount.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time myaccount.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.223.233.247 15334 (RESPONSYS)
12 151.101.13.164 54113 (FASTLY)
1 195.35.90.82 15768 (ASWORLDPAY)
6 151.101.113.164 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.225.73.63 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.206.143.28 14618 (AMAZON-AES)
1 52.58.148.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
37 11
1    162.223.233.247 (United States)

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com
e.newyorktimes.com
12    151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
myaccount.nytimes.com
a1.nyt.com
1    195.35.90.82 (Hove, United Kingdom)

ASN15768 (ASWORLDPAY, GB)
payments.worldpay.com
6    151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
typeface.nyt.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:821::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.nytimes.com
a.et.nytimes.com
1    13.225.73.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-63.fra2.r.cloudfront.net
js.datadome.co
3    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    34.206.143.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-143-28.compute-1.amazonaws.com
et.nytimes.com
1    52.58.148.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-148-114.eu-central-1.compute.amazonaws.com
api-js.datadome.co
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
11 myaccount.nytimes.com myaccount.nytimes.com
6 typeface.nyt.com myaccount.nytimes.com
3 www.google.com myaccount.nytimes.com
www.gstatic.com
3 a.et.nytimes.com myaccount.nytimes.com
2 a.nytimes.com a1.nyt.com
myaccount.nytimes.com
1 www.gstatic.com www.google.com
1 api-js.datadome.co js.datadome.co
1 js.datadome.co myaccount.nytimes.com
1 et.nytimes.com myaccount.nytimes.com
1 www.googletagmanager.com a1.nyt.com
1 payments.worldpay.com myaccount.nytimes.com
1 a1.nyt.com myaccount.nytimes.com
1 e.newyorktimes.com 1 redirects
0 www.google-analytics.com Failed www.googletagmanager.com
0 safetechpageencryption.chasepaymentech.com Failed myaccount.nytimes.com
37 15

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
policies.google.com
Subject Issuer Validity Valid
nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-04-06		 2 years crt.sh
payments.worldpay.com
DigiCert Global CA G2		 2018-08-08 -
2020-09-01		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.datadome.co
Gandi Standard SSL CA 2		 2019-10-08 -
2021-10-21		 2 years crt.sh
a.et.nytimes.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-27 -
2020-08-26		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Frame ID: 5221045E844180F1D452CD6377066A87
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&badge=none&cb=qa0yxtdp9v5q
Frame ID: 14BC9DA57FC90CAD6511FAAA23E75D8E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=fxqduutdrk8s
Frame ID: E9EE0AEC8DCEC9B7ECCA1C6D8AD0F13A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2... HTTP 302
    https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8 Page URL
  2. https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

37
Requests

86 %
HTTPS

36 %
IPv6

10
Domains

15
Subdomains

11
IPs

3
Countries

1374 kB
Transfer

2359 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs.&_di_=2kr48t4uo175qggj90m4udbb4lcg1do24r3iohqicc926kom5ma0 HTTP 302
    https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8 Page URL
  2. https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs.&_di_=2kr48t4uo175qggj90m4udbb4lcg1do24r3iohqicc926kom5ma0 HTTP 302
  • https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
manage-billing
myaccount.nytimes.com/get-started/
Redirect Chain
  • https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYH...
  • https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
e51be335332b8edfdf987148a89db54e63715b676fe5227db6fc13338e0b117b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
myaccount.nytimes.com
:scheme
https
:path
/get-started/manage-billing?campaignId=666L8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block
x-datadome-timer
S1587742955.263871,VS0,VE3
fastly-restarts
1
accept-ranges
bytes bytes
age
0 0
date
Fri, 24 Apr 2020 15:42:35 GMT
via
1.1 varnish
x-datadome
protected
set-cookie
datadome=8n9eowVM8G.AFd6QDjs8rqz.kR.93icdqQnAH8aUu5plq85WwhbUaaTZ~eoCATb2FtaqDefN2UdCQ4GvQbuItA8tGMHD5R1vp3DhGrlykk; Max-Age=31536000; Domain=.nytimes.com; Path=/; SameSite=Lax
x-served-by
cache-fra19141-FRA
x-cache
MISS
x-cache-hits
0
x-api-version
content-length
1521

Redirect headers

Date
Fri, 24 Apr 2020 15:42:34 GMT
Server
Apache
P3P
policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Cache-Control
no-store, no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs; expires=Sun, 24-Apr-2022 15:42:34 GMT; Domain=.newyorktimes.com; Path=/pub; HttpOnly
Location
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
main.css
myaccount.nytimes.com/get-started/css/ 		137 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/get-started/css/main.css
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-tags
pflow-cf-cache
strict-transport-security
max-age=31536000
via
1.1 varnish
x-api-version
age
0
x-cache
MISS
status
200
content-length
139919
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
last-modified
Wed, 22 Apr 2020 15:16:06 GMT
server
Apache
date
Fri, 24 Apr 2020 15:42:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
expires
Fri, 24 Apr 2020 15:47:36 GMT
cache-control
max-age=300, max-age=300
x-datadome-timer
(null),VE360
accept-ranges
bytes
x-cache-hits
0
vendor.bundle.3882aa4053237e85d23d.js
myaccount.nytimes.com/get-started/js/dest/ 		152 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/get-started/js/dest/vendor.bundle.3882aa4053237e85d23d.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
193178a0a21c32736642bf1b2ed09c59c6b97ccccc4bfb9c271141dedc58a679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-tags
pflow-cf-cache
strict-transport-security
max-age=31536000
via
1.1 varnish
x-api-version
age
205
x-cache
HIT
status
200
content-length
155430
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
last-modified
Wed, 22 Apr 2020 15:16:07 GMT
server
Apache
date
Fri, 24 Apr 2020 15:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
expires
Fri, 24 Apr 2020 05:54:42 GMT
cache-control
max-age=300, max-age=300
x-datadome-timer
(null),VE364
accept-ranges
bytes
x-cache-hits
1
manage_billing.bundle.3882aa4053237e85d23d.js
myaccount.nytimes.com/get-started/js/dest/ 		459 KB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-tags
pflow-cf-cache
strict-transport-security
max-age=31536000
via
1.1 varnish
x-api-version
age
0
x-cache
MISS
status
200
content-length
469631
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
last-modified
Wed, 22 Apr 2020 15:16:06 GMT
server
Apache
date
Fri, 24 Apr 2020 15:42:36 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
expires
Fri, 24 Apr 2020 15:47:36 GMT
cache-control
max-age=300, max-age=300
x-datadome-timer
(null),VE378
accept-ranges
bytes
x-cache-hits
0
json-kidd.min.js
a1.nyt.com/analytics/ 		179 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/json-kidd.min.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash
crc32c=v1pasg==, md5=Tz6MyHaLaUIsqSd75KXAhA==
date
Fri, 24 Apr 2020 15:42:36 GMT
content-encoding
gzip
age
38027
x-guploader-uploadid
AEnB2UoWGCrcG99q2kgMPzBc72Sa95QMzxq58cExk5Qu_F28ZVO8NLHhUyvnjXk1wmU47vb-xGVGKi_oqfHMVIc80Avkj4A3ng
x-cache
HIT
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
44547
via
1.1 varnish
x-served-by
cache-fra19141-FRA
accept-ranges
bytes
expires
Sat, 28 Mar 2020 05:05:46 GMT
last-modified
Thu, 26 Mar 2020 18:56:12 GMT
server
UploadServer
x-timer
S1587742957.504451,VS0,VE0
etag
"4f3e8cc8768b69422ca9277be4a5c084"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1585248972379635
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
183751
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
121
manage-billing-profile
myaccount.nytimes.com/svc/get-started/api/v1/user/ 		84 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/svc/get-started/api/v1/user/manage-billing-profile?country=NL
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authorization
Cookie
Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish
fastly-restarts
1
x-datadome
protected
x-api-version
x-cache
MISS
status
401
content-length
84
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
pragma
no-cache
server
Apache
date
Fri, 24 Apr 2020 15:42:37 GMT
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-datadome-timer
S1587742957.979782,VS0,VE4
accept-ranges
bytes, bytes
x-cache-hits
0
nyt-credit-card-encryption.min.js
myaccount.nytimes.com/get-started/pt/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/get-started/pt/nyt-credit-card-encryption.min.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-tags
pflow-cf-cache
strict-transport-security
max-age=31536000
via
1.1 varnish
x-api-version
age
393
x-cache
HIT
status
200
content-length
1904
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
last-modified
Wed, 22 Apr 2020 15:16:10 GMT
server
Apache
date
Fri, 24 Apr 2020 15:42:37 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
expires
Fri, 24 Apr 2020 09:35:46 GMT
cache-control
max-age=300, max-age=300
x-datadome-timer
(null),VE361
accept-ranges
bytes
x-cache-hits
1
worldpay-cse-1.latest.min.js
payments.worldpay.com/resources/cse/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.worldpay.com/resources/cse/js/worldpay-cse-1.latest.min.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.35.90.82 Hove, United Kingdom, ASN15768 (ASWORLDPAY, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 15:42:37 GMT
Last-Modified
Tue, 01 Oct 2019 12:46:44 GMT
Server
ETag
"8ec6-593d8bea11500"
Content-Language
en
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Keep-Alive
timeout=5, max=100
Content-Length
36550
nyt-logo-379x64.svg
myaccount.nytimes.com/img/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myaccount.nytimes.com/img/nyt-logo-379x64.svg
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-tags
myacc-cf-cache
date
Fri, 24 Apr 2020 15:42:37 GMT
content-encoding
gzip
x-api-version
age
0
x-cache
HIT
status
200
content-length
3240
x-xss-protection
1; mode=block
x-served-by
cache-fra19141-FRA
last-modified
Thu, 23 Apr 2020 17:19:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 google, 1.1 varnish
expires
Fri, 24 Apr 2020 07:00:06 GMT
cache-control
max-age=600
x-datadome-timer
(null),VE116
accept-ranges
bytes
x-cache-hits
1
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		871 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/get-started/css/main.css
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date
Fri, 24 Apr 2020 15:42:37 GMT
via
1.1 varnish
age
26237675
x-guploader-uploadid
AEnB2UrOWS1A3H3qyXURrGP_YBdOI7-WWh2YMph_a6KXI_7QA3kw3t65ACtBQ7d7ocpyUf7QDNKeccuHTeR4DIU3VhIBj8nL6Q
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29324
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:28:03 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742957.229022,VS0,VE0
etag
"728e9527fef73904783dd2561029d091"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063832137
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29324
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1957
nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/get-started/css/main.css
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date
Fri, 24 Apr 2020 15:42:37 GMT
via
1.1 varnish
age
26237674
x-guploader-uploadid
AEnB2UqBI1h_fayqElwwPN37eDAY6jwBH6vQTpt6U5cTn6qTVPungt384_Q4Imk4HqNkQufJKSx9QIWId6Lyc478kZA-WRmEUA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29504
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:28:03 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742957.229708,VS0,VE0
etag
"2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063855820
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29504
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1637
nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/get-started/css/main.css
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date
Fri, 24 Apr 2020 15:42:37 GMT
via
1.1 varnish
age
26237550
x-guploader-uploadid
AEnB2UrVz1IzSSrFsWaA-g1Fr9L_Jovr7P6E3kcXWRU1E8UlRr4R2xs1goHEs-YD2d4v86y_9d9qzTeJhWw8_ZOhVtU69bbXuA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
31172
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:30:07 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742957.229684,VS0,VE0
etag
"5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063742179
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
31172
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1317
gtm.js
www.googletagmanager.com/ 		283 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQS5DX3&gtm_auth=BxlVOowD_jvqTyNZ6sqMEA&gtm_preview=env-5&gtm_cookies_win=x
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:38 GMT
content-encoding
br
vary
*
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
61312
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
data-layer
a.nytimes.com/svc/nyt/ 		983 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:38 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://myaccount.nytimes.com
x-cloud-trace-context
f2b02c63fe78e91f7ed3f44b9a21c87c
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
520
expires
Fri, 24 Apr 2020 15:42:38 GMT
Primary Request login
myaccount.nytimes.com/auth/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.3882aa4053237e85d23d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
f452d016374404fd767103ec9fe72db99b13b4c0ebfa79ff1f103f163613173c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

:method
GET
:authority
myaccount.nytimes.com
:scheme
https
:path
/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
datadome=N6OyeDrBDpKiE_yGYpSvboQMQEJ5WcHZvISmK2_Lst45RNE8I5qx2V1WqHn1eStyx0ymxfMvbiEcIn_Ll1E9YMmzlEz0VjcR8Wtj-MloRX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Response headers

status
200
content-type
text/html; charset=utf-8
x-powered-by
Express
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
expires
0
resp-details
[[it:lui]]
x-nyt-backend
lire-ui
x-frame-options
DENY
content-security-policy
default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
etag
W/"d73-NLuxKtUPou6qAVdaqLIRRDxInjo"
content-encoding
gzip
x-cloud-trace-context
4200cd0775df8d8eac331192fd4f929d
server
Google Frontend
x-datadome-timer
S1587742958.479322,VS0,VE6
fastly-restarts
1
accept-ranges
bytes bytes
age
0 0
date
Fri, 24 Apr 2020 15:42:38 GMT
via
1.1 varnish
x-datadome
protected
set-cookie
datadome=OFQpBlh.M-FJI6AllX118iwENegZvntq6zw-VLWiw1hANMGyXga9aMJ1U~2GvazL-L0U_1QSPEdXQgBEwVSlx6Q9___yebSKdmFOvwWAln; Max-Age=31536000; Domain=.nytimes.com; Path=/; SameSite=Lax
x-served-by
cache-fra19141-FRA
x-cache
MISS
x-cache-hits
0
vary
Accept-Encoding
x-api-version
getkey.js
safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/ 		0
0
encryption.js
safetechpageencryption.chasepaymentech.com/pie/v1/ 		0
0
track
a.et.nytimes.com/ 		0
0
analytics.js
www.google-analytics.com/ 		0
0
/
et.nytimes.com/ 		0
0
index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:38 GMT
content-encoding
gzip
x-api-version
age
69
x-cache
HIT
status
200
content-length
1252
x-served-by
cache-fra19141-FRA
expires
Tue, 21 Apr 2020 15:40:21 GMT
server
Google Frontend
etag
"t3DJoA"
content-type
application/javascript
via
1.1 varnish
x-cloud-trace-context
121a8beed170cc32f55bf75a112618e7
cache-control
public, max-age=600
x-datadome-timer
(null),VE161
accept-ranges
bytes
x-nyt-backend
lire-ui
x-cache-hits
4
unified-lire.bundle.js
myaccount.nytimes.com/lire_ui/js/ 		395 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=1a1f277
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8dbe5d5e2524b6cc87533d376818fb4e287a9325ab8cbf7e8304ec3376c069c2

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:38 GMT
content-encoding
gzip
x-api-version
age
69
x-cache
HIT
status
200
content-length
134777
x-served-by
cache-fra19141-FRA
expires
Thu, 23 Apr 2020 03:36:15 GMT
server
Google Frontend
etag
"t3DJoA"
content-type
application/javascript
via
1.1 varnish
x-cloud-trace-context
157f7b4b24173c03a307c4e87a87bbf3
cache-control
public, max-age=600
x-datadome-timer
(null),VE178
accept-ranges
bytes
x-nyt-backend
lire-ui
x-cache-hits
4
tags.js
js.datadome.co/ 		209 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-63.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
91d53535c15b8d24609bcd035424429edca5296b9d81969b531380d6b4429d5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
etag
"3441e-5a3dcc6294513-gzip"
age
769
x-cache
Hit from cloudfront
status
200
content-length
33900
access-control-allow-origin
*
last-modified
Wed, 22 Apr 2020 08:18:16 GMT
server
Apache
date
Fri, 24 Apr 2020 15:29:51 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
P2zQanYaGEct5GPtAT7ahDKqCbj4gZMot6_wuzBkXiX-SpWbgF3foA==
expires
Fri, 24 Apr 2020 16:29:49 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://myaccount.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
data-layer
a.nytimes.com/svc/nyt/ 		967 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Flogin%3Fresponse_type%3Dcookie%26client_id%3Dmngbill%26redirect_uri%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fmanage-billing%253FcampaignId%253D666L8
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=1a1f277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fdab4fa7da555d5085768ee3e28702208ed4d1b738e3c8fdcb247da8c7709eba

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:39 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://myaccount.nytimes.com
x-cloud-trace-context
210561acfddda377c1173a86111d1d3b
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
509
expires
Fri, 24 Apr 2020 15:42:39 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://myaccount.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
api.js
www.google.com/recaptcha/ 		733 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=1a1f277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3aaf928c1c1fa47c886d187bc5b695ef3f6e6ba9c9935219f92db0bf9ddd15b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
467
x-xss-protection
1; mode=block
expires
Fri, 24 Apr 2020 15:42:39 GMT
nyt-logo.svg
myaccount.nytimes.com/lire_ui/img/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myaccount.nytimes.com/lire_ui/img/nyt-logo.svg
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 15:42:39 GMT
content-encoding
gzip
x-api-version
age
13
x-cache
HIT
status
200
content-length
4722
x-served-by
cache-fra19141-FRA
expires
Thu, 23 Apr 2020 00:09:21 GMT
server
Google Frontend
etag
"t3DJoA"
content-type
image/svg+xml
via
1.1 varnish
x-cloud-trace-context
9130e424d6b9367da6736251f69095db
cache-control
public, max-age=600
x-datadome-timer
(null),VE145
accept-ranges
bytes
x-nyt-backend
lire-ui
x-cache-hits
1
nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date
Fri, 24 Apr 2020 15:42:39 GMT
via
1.1 varnish
age
26237677
x-guploader-uploadid
AEnB2UrOWS1A3H3qyXURrGP_YBdOI7-WWh2YMph_a6KXI_7QA3kw3t65ACtBQ7d7ocpyUf7QDNKeccuHTeR4DIU3VhIBj8nL6Q
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29324
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:28:03 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742960.627297,VS0,VE0
etag
"728e9527fef73904783dd2561029d091"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063832137
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29324
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1958
nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date
Fri, 24 Apr 2020 15:42:39 GMT
via
1.1 varnish
age
26237552
x-guploader-uploadid
AEnB2UrVz1IzSSrFsWaA-g1Fr9L_Jovr7P6E3kcXWRU1E8UlRr4R2xs1goHEs-YD2d4v86y_9d9qzTeJhWw8_ZOhVtU69bbXuA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
31172
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:30:07 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742960.677574,VS0,VE0
etag
"5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063742179
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
31172
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1318
nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Origin
https://myaccount.nytimes.com

Response headers

x-goog-hash
crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date
Fri, 24 Apr 2020 15:42:39 GMT
via
1.1 varnish
age
26237677
x-guploader-uploadid
AEnB2UqBI1h_fayqElwwPN37eDAY6jwBH6vQTpt6U5cTn6qTVPungt384_Q4Imk4HqNkQufJKSx9QIWId6Lyc478kZA-WRmEUA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29504
x-served-by
cache-hhn4034-HHN
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:28:03 GMT
last-modified
Mon, 04 Mar 2019 22:54:23 GMT
server
UploadServer
x-timer
S1587742960.677724,VS0,VE0
etag
"2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1551740063855820
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29504
x-nyt-pagetype
nyt-fonts-legacy-asset
content-type
font/woff
x-cache-hits
1638
/
et.nytimes.com/ 		84 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.143.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-143-28.compute-1.amazonaws.com
Software
/
Resource Hash
2d4629d9551a58086aedd6b8b5717ae21000e1e3882bc95e5d1f314d92600486

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://myaccount.nytimes.com
Date
Fri, 24 Apr 2020 15:42:39 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
84
Content-Type
application/json
/
api-js.datadome.co/js/ 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.148.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-148-114.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 24 Apr 2020 15:42:41 GMT
Server
DataDome
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://myaccount.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/ 		299 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 16:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 04:05:48 GMT
server
sffe
age
341021
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
124243
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:59:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 14BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&badge=none&cb=qa0yxtdp9v5q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0LAfPafkU3MtwVgCgXXsSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&badge=none&cb=qa0yxtdp9v5q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 24 Apr 2020 15:42:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-0LAfPafkU3MtwVgCgXXsSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9997
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame E9EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=fxqduutdrk8s
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7AqPO/ljQOQnyF/xE37K6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=fxqduutdrk8s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 24 Apr 2020 15:42:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-7AqPO/ljQOQnyF/xE37K6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1179
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
safetechpageencryption.chasepaymentech.com
URL
https://safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/getkey.js
Domain
safetechpageencryption.chasepaymentech.com
URL
https://safetechpageencryption.chasepaymentech.com/pie/v1/encryption.js
Domain
a.et.nytimes.com
URL
https://a.et.nytimes.com/track
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
et.nytimes.com
URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%3Fproduct%3Dunknown%26mode%3Ddigi%26rate%3Dregular99%3D%2Fget-started%2Fmanage-billing%26hash%3D%26campaignId%3D666L8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&referrer=&clientTimeStamp=1587742958705&totalTime=0&gtm=GTM-TQS5DX3-51-Production&et2_pageview_id=ZsDcnuAOr-YKkV5c4aiQ9aPF&sourceApp=seg-pip&skipFilter=%5B%22content%22%5D&callback=NYTD.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22%22%2C%22CG%22%3A%22Digital%20Subscription%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%22%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A%22%22%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22%22%2C%22CT%22%3A%22%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A2%2C%22bh%22%3A17%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| ddjskey object| ddoptions object| NYTD object| __core-js_shared__ object| core object| regeneratorRuntime function| nyt_et function| onloadcallback object| _0x2c98 function| _0x5523 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| closure_lm_211131

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
a.nytimes.com
a1.nyt.com
api-js.datadome.co
e.newyorktimes.com
et.nytimes.com
js.datadome.co
myaccount.nytimes.com
payments.worldpay.com
safetechpageencryption.chasepaymentech.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
a.et.nytimes.com
et.nytimes.com
safetechpageencryption.chasepaymentech.com
www.google-analytics.com
13.225.73.63
151.101.113.164
151.101.13.164
162.223.233.247
195.35.90.82
2a00:1450:4001:809::2004
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:821::2013
34.206.143.28
52.58.148.114
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
193178a0a21c32736642bf1b2ed09c59c6b97ccccc4bfb9c271141dedc58a679
2d4629d9551a58086aedd6b8b5717ae21000e1e3882bc95e5d1f314d92600486
2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531
3aaf928c1c1fa47c886d187bc5b695ef3f6e6ba9c9935219f92db0bf9ddd15b2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
8dbe5d5e2524b6cc87533d376818fb4e287a9325ab8cbf7e8304ec3376c069c2
91d53535c15b8d24609bcd035424429edca5296b9d81969b531380d6b4429d5c
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51be335332b8edfdf987148a89db54e63715b676fe5227db6fc13338e0b117b
f452d016374404fd767103ec9fe72db99b13b4c0ebfa79ff1f103f163613173c
fdab4fa7da555d5085768ee3e28702208ed4d1b738e3c8fdcb247da8c7709eba