www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.n...
Effective URL:
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Submission Tags: falconsandbox
Submission: On September 02 via api (September 2nd 2022, 6:09:27 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 49 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2513.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.121.109.104 20.121.109.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
6	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	174.129.223.242 174.129.223.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	52.207.181.173 52.207.181.173	14618 (AMAZON-AES) (AMAZON-AES)
4	104.96.143.105 104.96.143.105	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	130.61.67.95 130.61.67.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
49	16

1 20.121.109.104 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clk71.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.223.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-223-242.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-181-173.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.96.143.105 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-143-105.deploy.static.akamaitechnologies.com

c.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.61.67.95 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

dc.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	nyt.com mwcm.nyt.com — Cisco Umbrella Rank: 21824 a1.nyt.com — Cisco Umbrella Rank: 8624	364 KB
9	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3340 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3756	412 KB
6	oracleinfinity.io c.oracleinfinity.io — Cisco Umbrella Rank: 9264 dc.oracleinfinity.io — Cisco Umbrella Rank: 9284	36 KB
6	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2513 a.nytimes.com — Cisco Umbrella Rank: 7816 a.et.nytimes.com — Cisco Umbrella Rank: 6447	19 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3392 va.v.liveperson.net — Cisco Umbrella Rank: 3735	109 KB
2	doubleclick.net 1 redirects 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 9415	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9270	870 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 78	916 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 620	261 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	111 KB
1	clk71.com 1 redirects r.clk71.com	320 B
49	12

	Domain	Requested by
16	mwcm.nyt.com	www.nytimes.com mwcm.nyt.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	c.oracleinfinity.io	www.googletagmanager.com c.oracleinfinity.io
3	a.et.nytimes.com	www.nytimes.com
2	va.v.liveperson.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	dc.oracleinfinity.io	c.oracleinfinity.io
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lptag.liveperson.net	www.nytimes.com
2	a.nytimes.com	mwcm.nyt.com a1.nyt.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	insight.adsrvr.org	www.nytimes.com
1	www.googletagmanager.com	a1.nyt.com
1	a1.nyt.com	www.nytimes.com
1	www.nytimes.com
1	r.clk71.com	1 redirects
49	18

This site contains links to these domains. Also see Links.

Domain
help.nytimes.com
subscribe.inyt.com
nyt.qualtrics.com
www.nytco.com
myaccount.nytimes.com
optout.privacyrights.info
www.privacyrights.info
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
a.nytimes.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
a.et.nytimes.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
c.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1	`2022-08-22` - `2023-08-25`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
dc.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1	`2022-08-19` - `2023-09-07`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-03-22` - `2023-03-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Frame ID: 217A7446A67B0AB6BE3CF25CC5BD86E9
Requests: 45 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM
Frame ID: 93073C14C3E67B5E91E57C95AFBA55CE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM
Frame ID: C00176F1801209CA4B47578343B77C50
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM
Frame ID: A7E6BBB58494515A6FB1726661B7C215
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Frame ID: D7FA4FE174C26F36F6CC6E0C8D5D4FD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times: Digital and Home Delivery Subscriptions

Page URL History Show full URLs

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url... HTTP 302
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

49
Requests

100 %
HTTPS

24 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

1074 kB
Transfer

2959 kB
Size

22
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancellation
Title: cancel

Search URL Search Domain Scan URL

URL: https://subscribe.inyt.com/?utm_campaign=digisubslpinytstrip&utm_medium=web&utm_source=nytimes.com
Title: Find Offers

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_6xph8FSrgDdOgap
Title: Tell us why.

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: The New York Times Company

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/membercenter/feedback.html
Title: Feedback

Search URL Search Domain Scan URL

URL: https://optout.privacyrights.info/?c=1
Title: website

Search URL Search Domain Scan URL

URL: https://www.privacyrights.info/appchoices
Title: apps

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM HTTP 302
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request subscription Show response
www.nytimes.com/
Redirect Chain

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid...
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

69 KB
17 KB

668ms
603ms

Document
text/html

151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3459e3235f82a02e0db9b4ce61facf30390f91ccee578d2d40cee2dbc9734fa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 15746
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html;charset=UTF-8
date: Fri, 02 Sep 2022 18:09:21 GMT
expires: 0
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription?campaignId=77YH8&mc=ERental
pragma: no-cache
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding,x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 125
x-frame-options: DENY
x-gdpr: 1
x-magnolia-vary: x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview: 0
x-nyt-edge-cache: MISS
x-nyt-route: mwcm
x-origin-time: 2022-09-02 18:09:21 UTC
x-served-by: cache-hhn4057-HHN
x-timer: S1662142161.868724,VS0,VE584

Redirect headers

Cache-Control: private
Content-Length: 213
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Sep 2022 18:09:20 GMT
Location: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 135 KB
40 KB 60ms
26ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 298b6139ad68acfea2b479bd0781296b7699478921e13f80658de0d56cd2a38c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79199
x-cache: HIT
x-envoy-upstream-service-time: 8
content-length: 40696
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:55:02 GMT
server: envoy
x-timer: S1662142162.512710,VS0,VE1
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 336

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/js/src/ 9 KB
3 KB 64ms
30ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b5cf2a0975474b9fc8d133b8c45caaefb580c0a208c251f75869d65aca5063c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 240755
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 2760
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:55:02 GMT
server: envoy
x-timer: S1662142162.512737,VS0,VE1
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/ 36 KB
6 KB 63ms
30ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 5acc64ee6d0daa058d135fc050b5b9be625c11db2edade7fa14b835842fe1346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 4
content-length: 5895
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:55:02 GMT
server: envoy
x-timer: S1662142162.512432,VS0,VE1
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo-nyt-header.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo-nyt-header.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 320197
x-cache: HIT
x-envoy-upstream-service-time: 2
content-encoding: gzip
content-length: 1844
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142162.540635,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 apple-pay.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/ 10 KB
4 KB 18ms
17ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/apple-pay.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 014d02c08acc72a966821521d404e546476939d7c3c11ba704da3d27a37e4f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-encoding: gzip
content-length: 4118
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142162.542669,VS0,VE1
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 paypal.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/ 9 KB
4 KB 19ms
19ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/paypal.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 7a976ee7a5a94eeace0964f063e7d3ca23346cc27e6062fcfdd478cdb74f4632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 316367
x-cache: HIT
x-envoy-upstream-service-time: 3
content-encoding: gzip
content-length: 3496
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142162.543296,VS0,VE1
x-origin-server: mwcm-pub-est09.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 card-text.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/paymentMethodIcons/card-text.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: a02613705ac7729e7ff38fe1f672e160d9c9a9b89bcb14f7b987e729fa423357

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-encoding: gzip
content-length: 1014
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142162.543274,VS0,VE1
x-origin-server: mwcm-pub-est08.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo_nyt_white.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 5 KB
2 KB 17ms
17ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo_nyt_white.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1b1ccd6baa74deba9b066d2cebb5d57556a198e17e40adfe43784304c06799fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79208
x-cache: HIT
x-envoy-upstream-service-time: 2
content-encoding: gzip
content-length: 1871
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142162.543293,VS0,VE0
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 17

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 174 KB
43 KB 90ms
17ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/json-kidd.min.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e78c9813830e2a862af759849ad502a58c3569e9cfd8aff883a79eaa2758e7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-goog-hash: crc32c=ZDsUqQ==, md5=yHW5UB3QsEv+A8Mnfri8cQ==
date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
content-type: text/javascript; charset=utf-8
age: 65244
x-guploader-uploadid: ADPycdtBi1Umoq4Sae7WcTB-8RgPf5DR5nlWH_sALsP_qKzYKI0NC1qNtnNW8NivxmjpDrEfpybefHJe2WsGCjBzMfvFEw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-length: 42867
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
expires: Thu, 11 Aug 2022 00:54:46 GMT
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1662142162.616486,VS0,VE0
etag: "c875b9501dd0b04bfe03c3277eb8bc71"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1640215841962557
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 178016
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 45

GET
H2 200 nyt-franklin-600-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 47 KB
48 KB 84ms
47ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 48566
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.590719,VS0,VE1
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 script.js Show response
mwcm.nyt.com/dam/jcr:3e39cdd6-c938-4b03-8fc1-f9e7c3acecd0/ 3 KB
1 KB 17ms
16ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/dam/jcr:3e39cdd6-c938-4b03-8fc1-f9e7c3acecd0/script.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 99c2c7d30041b2903661abcc4da976b0c51d0bddcef857829b61c26b91be0675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 232734
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 1137
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 22:46:06 GMT
server: envoy
x-timer: S1662142162.572195,VS0,VE1
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 16 KB
17 KB 56ms
47ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-300-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 16844
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.590779,VS0,VE1
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 nyt-franklin-700-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 32ms
23ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-700-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 29504
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.590735,VS0,VE1
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 32 KB
32 KB 32ms
23ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-500-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 32532
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.590747,VS0,VE1
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 928 B
1019 B 396ms
143ms XHR
application/json 174.129.223.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.129.223.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-223-242.compute-1.amazonaws.com
Software: envoy /
Resource Hash: e467441a1ba01b26f2b317240e9baa04d66cf652e0baad3824827517bc6d155a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: b7943065a205a0880319a5fdbfe1c2a1
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 37
access-control-allow-headers: Content-Type, x-requested-by
expires: Fri, 02 Sep 2022 18:09:21 GMT

GET
H2 200 nyt-franklin-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 41ms
41ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-300-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 79183
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 29448
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.614489,VS0,VE1
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 414 KB
111 KB 69ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faf63bc4635681e9130053e6f39615fa8cd7ba94d411201aebe49b2b326ac290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113132
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 973 B
1 KB 344ms
142ms XHR
application/json 174.129.223.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?caller_id=MOPS-jkjs&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&jkcb=1662142161636
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.129.223.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-223-242.compute-1.amazonaws.com
Software: envoy /
Resource Hash: e6d4f17639a5fd3c3d38e11ad5f3aee80275e3d7ef7ed7317d036272012078ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 14676098c5f34f07458d499f5751a7a2
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 36
access-control-allow-headers: Content-Type, x-requested-by
expires: Fri, 02 Sep 2022 18:09:21 GMT

GET
H2 200 nyt-franklin-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 23ms
23ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-500-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 235173
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 29324
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:55 GMT
server: envoy
x-timer: S1662142162.663581,VS0,VE2
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
content-type: application/x-font-woff;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 479ms
113ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK odc.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 39 KB
12 KB 239ms
27ms Script
application/javascript 104.96.143.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.143.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-143-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 02 Sep 2022 18:09:22 GMT
Content-Encoding: gzip
Content-MD5: 1EDP6vOJ/5leSnMJcbt5ww==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 10998
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:manrrqWzY3amY83WRiIn1xQztClZHQWt-a6ysI5X-JPCN0qr8r9RjAB72-bZi3ep
x-api-id: native
ETag: a127ca8e-29c4-4e59-864c-7de71c0592d5
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: 454af658-eba1-49cc-82fb-e7f7fe05532c
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 02 Sep 2022 18:09:22 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 160ms
28ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=17743901

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4042
date: Fri, 02 Sep 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 02 Sep 2022 19:02:00 GMT

GET
H3

200

activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3Fcamp... Show response
5290727.fls.doubleclick.net/ Frame 9307
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3Fca...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fw...

674 B
472 B

91ms
53ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

e8d365d1c63e2ea8cca4cd6350256b29b9aa3e833e8c5c43fce57b7e4fe07f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 447
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 18:09:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 18:09:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 138ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1392608352
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 18:09:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 279 KB
99 KB 61ms
61ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

9bd50fd3a8c54d54e705c1d7d25e26ac71b89567d2c0cf3cc0ade549c3937f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 22ms
22ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=511421230&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=USGM&cs=SMS&cm=ERental&ck=&cc=&_u=YEBAAEABAAAAAC~&jid=1996448294&gjid=216231625&cid=1880230856.1662142162&tid=UA-58630905-1&_gid=2038270762.1662142162&_r=1&gtm=2wg8v0WF9QCL2&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&cd3=%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&cd9=&cd10=SMS&cd13=null&cd14=null&cd15=paid&cd16=marketing_campaign&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd37=0&cd42=MOPS&cd43=&cd44=&cd45=&cd46=&cd48=null&cd49=blurb_under_100&cd52=&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd109=0&cd110=0&cd111=0&cd112=0&cd113=0&cd122=0&cd123=0&cd124=0&cd125=0&cd126=0&cd127=0&cd138=0&cd139=0&cd141=0&cd142=0&cd143=0&cd144=0&cd145=0&cd146=0&cd147=0&cd148=0&cd162=0&cd163=0&z=843589218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 18:09:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics-production.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 4 KB
2 KB 26ms
26ms Script
application/javascript 104.96.143.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.143.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-143-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 02 Sep 2022 18:09:22 GMT
Content-Encoding: gzip
Content-MD5: qnF0/5dScUlTxy1fgptUSg==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 1429
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:WSlJDHdwIJjema3njEBWixDc6mIki-g9bar26veZFYoecP-P4PCljcnr-ZlGU250
x-api-id: native
ETag: bce2d2d6-0bcc-4034-ada0-181fcce0d61d
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: af0c379b-abd4-44f3-984d-c815e20cc683
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 02 Sep 2022 18:09:22 GMT

GET
H/1.1 200
OK common.js Show response
c.oracleinfinity.io/acs/common/js/1.3.37/ 33 KB
12 KB 52ms
52ms Script
application/javascript 104.96.143.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.143.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-143-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 02 Sep 2022 18:09:22 GMT
Content-Encoding: gzip
Content-MD5: i3lzre/Ca4wN1pXfrk1n9w==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 11579
Pragma: no-cache
Last-Modified: Sat, 11 Jul 2020 02:07:25 GMT
opc-request-id: iad-1:WjsryfdJz_fcD5EauZyTheyhC08WcHL1cQIZHhrCa_8oTXfGxrLmJZTn0uuu9soZ
x-api-id: native
ETag: 9e584f22-eda0-480e-8f51-7abe4ffee9fe
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: d5e20d9f-cf77-4a6c-ab0c-a76641532980
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 02 Sep 2022 18:09:22 GMT

GET
H/1.1 200
OK analytics.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/ 24 KB
9 KB 88ms
31ms Script
application/javascript 104.96.143.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/analytics.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.143.105 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-143-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 02 Sep 2022 18:09:22 GMT
Content-Encoding: gzip
Content-MD5: D3HHo8Mh9wet2GpeS+FoTg==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 7914
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:3kUtzycL41HLauP_1JkbZImxMhGGDkkISHMJQNgcqZc0EZZ_GCBLEh-Rs15Xo71e
x-api-id: native
ETag: ffd6a78f-0caa-490f-98b5-72af30429ab6
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: 035a888c-cf65-4f86-ab79-775e4f6d7e8d
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Fri, 02 Sep 2022 18:09:22 GMT

GET
H/1.1 200
OK wtid.js Show response
dc.oracleinfinity.io/cialth61ui/ 189 B
372 B 138ms
18ms Script
text/plain 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://dc.oracleinfinity.io/cialth61ui/wtid.js?callback=ORA.analytics.dcsRef.dcsGetIdCallback
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 82eac8c1097a4025fa1e929a61d58fd03ad3b0fcf1202a066df400ba6f9f5bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Sep 2022 18:09:22 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/plain
Content-Length: 189
Expires: -1

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 6 KB
2 KB 214ms
68ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

bb05f1830584bd421ff6356a1dfd23ae9c7f006211b8955ee096d96a79a7d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 02 Sep 2022 18:10:22 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 39 KB
15 KB 216ms
51ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ui-framework.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 88 KB
30 KB 240ms
74ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/UMSClientAPI.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:13 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 92 KB
31 KB 284ms
119ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/lpChatV3.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:13 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 8 KB
3 KB 285ms
120ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/surveylogicinstance.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 949 KB
296 KB 304ms
140ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/desktopEmbedded.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3600d4b55268d653164c62182d2980e1a4a744567dfea98ec0b695ecf7d93793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:14 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 13 KB
3 KB 178ms
39ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6dfe18ac44c6576183e28fa3e3ba4de1eb065377aabfd7f2f7efbe455df8bc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 02 Sep 2022 18:10:22 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 116ms
116ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D7... Show response
adservice.google.com/ddm/fls/i/ Frame C001 673 B
916 B 122ms
67ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5590a780e994a7d9e767e67ea1e8f45c90f585fb4767bdb2b356a9a85e0efc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 447
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 18:09:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D7... Show response
adservice.google.de/ddm/fls/i/ Frame A7E6 194 B
870 B 103ms
54ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPzDjona9vkCFdZIHgIdcMQEKA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8256901303236;gtm=2wg8v0;auiddc=170318073.1662142162;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 18:09:22 GMT
expires: Fri, 02 Sep 2022 18:09:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ Frame D7FA 39 KB
16 KB 88ms
87ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Fri, 02 Sep 2022 18:09:22 GMT
expires: Sat, 02 Sep 2023 18:09:22 GMT
last-modified: Mon, 08 Aug 2022 03:16:03 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff

GET
H2 200 4-top.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/subscription/ 181 KB
76 KB 24ms
23ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/subscription/4-top.svg
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: d3b60af3e06336b0e2bfc8fd69bd7076ee57cf276d0f4fc89c70217e08119ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 78759
x-cache: HIT
x-envoy-upstream-service-time: 4
content-encoding: gzip
content-length: 77150
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 16:54:56 GMT
server: envoy
x-timer: S1662142163.742753,VS0,VE2
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK dcs.gif
dc.oracleinfinity.io/cialth61ui/ 43 B
371 B 18ms
18ms Image
image/gif 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dc.oracleinfinity.io/cialth61ui/dcs.gif?wt.tx_e=v&wt.si_n=Subscribe%20Flow&wt.si_x=1&wt.si_p=Offer%20View&wt.pn_sku=Basic%20Access;Basic%20Access&wt.z_offerchain_id=XPASS;XPASS&asset.url=https://www.nytimes.com/subscription&a14dv=1&wt.offerid=74c1a2da-0775-11ec-b463-73f0d48bb750&dcsdat=1662142162769&dcssip=www.nytimes.com&dcsuri=/subscription&wt.tz=0&wt.bh=18&wt.ul=en-US&wt.cd=24&wt.sr=1600x1200&wt.jo=No&wt.ti=The%20New%20York%20Times:%20Digital%20and%20Home%20Delivery%20Subscriptions&wt.js=Yes&wt.bs=1600x1200&wt.dl=0&wt.ssl=1&wt.es=www.nytimes.com/subscription&campaignid=77YH8&mcid=SMS&mc=ERental&subid=USGM&wt.tv=1.0.4&wt.ce=1&wt.vtid=c7add596-10b1-49bf-84ca-b4ad01b1c1a4&wt.co_f=c7add596-10b1-49bf-84ca-b4ad01b1c1a4&wt.vt_f=1&ora.tag_id=main&ora.tag_config=production

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Sep 2022 18:09:22 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cache-Control: no-cache
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ 37 KB
15 KB 46ms
46ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&force=1&env=prod

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:16:05 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sat, 02 Sep 2023 18:09:22 GMT

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 238 B
1 KB 602ms
205ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?&cb=lpCb61865x27110&t=sp&ts=1662142162221&pid=7714162990&tid=9356025384&pt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&u=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 74f47caa639abe7fe6e86dce77c80a55c441ab538cc226755dd3589c34b82030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:23 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 103ms
103ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=ctrRv6e5SzWrSCTu7OaxUw&cb=lpCb31412x22061&t=pl&ts=1662142162778&pid=7714162990&tid=9356025384&vid=Y0NTNkZTk5NjYxYWNlOWEw
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: a98f2311299236b3b5679bc60b4b022798ffbe7e257de5344c254f5d4acd07f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 18:09:23 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 14:27:58	Name: nyt-a Value: 8tgqOEI71Qax5arHCVYgZ9
.nytimes.com/	1970-01-20 05:42:43	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 14:27:58	Name: nyt-purr Value: cfhspnahhudn
.a.nytimes.com/	1970-01-20 14:27:58	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 05:42:43	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 05:42:43	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1662142161906&isNew=1&pageIndex=1
.nytimes.com/	1970-01-20 14:27:58	Name: nyt-jkidd Value: uid=0&lastRequest=1662142161906&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-20 07:51:58	Name: _gcl_au Value: 1.1.170318073.1662142162
.nytimes.com/	1970-01-20 15:18:22	Name: walley Value: GA1.2.1880230856.1662142162
.nytimes.com/	1970-01-20 05:43:48	Name: walley_gid Value: GA1.2.2038270762.1662142162
.nytimes.com/	1970-01-20 05:42:22	Name: _gat_UA-58630905-1 Value: 1
.doubleclick.net/	1970-01-20 05:42:23	Name: test_cookie Value: CheckForPermission
.et.nytimes.com/	1970-01-20 05:42:23	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 05:43:48	Name: et-ppvid Value: https://www.nytimes.com/subscription=BdXF3odPH7CRLNceuhpMJAtS
.et.nytimes.com/	1970-01-20 14:27:58	Name: sessionIndex Value: 1\|1662142162282\|8tgqOEI71Qax5arHCVYgZ9\|1662142162282
.nytimes.com/	1970-01-20 05:42:25	Name: intl_annual_var1 Value: yearly
www.nytimes.com/	1969-12-31 23:59:59	Name: sumologic.logger.session Value: a8ccc70d-54af-4907-8de3-ee83e98b3e46
.nytimes.com/	1970-01-20 15:18:22	Name: FPC Value: id=c7add596-10b1-49bf-84ca-b4ad01b1c1a4
.nytimes.com/	1970-01-20 06:25:34	Name: WTPERSIST Value:
.nytimes.com/	1970-01-20 14:27:58	Name: LPVID Value: Y0NTNkZTk5NjYxYWNlOWEw
.nytimes.com/	1969-12-31 23:59:59	Name: LPSID-17743901 Value: ctrRv6e5SzWrSCTu7OaxUw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Message: Failed to decode downloaded font: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
other	warning	URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Message: OTS parsing error: incorrect file size in WOFF header
other	warning	URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Message: Failed to decode downloaded font: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
other	warning	URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Message: OTS parsing error: incorrect file size in WOFF header

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
accdn.lpsnmedia.net
adservice.google.com
adservice.google.de
c.oracleinfinity.io
dc.oracleinfinity.io
insight.adsrvr.org
lpcdn.lpsnmedia.net
lptag.liveperson.net
mwcm.nyt.com
r.clk71.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.nytimes.com
104.96.143.105
130.61.67.95
15.197.193.217
151.101.193.164
151.101.65.164
172.217.18.6
174.129.223.242
178.249.101.98
178.249.97.23
178.249.97.99
20.121.109.104
208.89.12.87
2a00:1450:4001:800::200e
2a00:1450:4001:806::2008
2a00:1450:4001:810::2002
2a00:1450:4001:831::2002
52.207.181.173
014d02c08acc72a966821521d404e546476939d7c3c11ba704da3d27a37e4f1a
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1b1ccd6baa74deba9b066d2cebb5d57556a198e17e40adfe43784304c06799fb
298b6139ad68acfea2b479bd0781296b7699478921e13f80658de0d56cd2a38c
3459e3235f82a02e0db9b4ce61facf30390f91ccee578d2d40cee2dbc9734fa5
3600d4b55268d653164c62182d2980e1a4a744567dfea98ec0b695ecf7d93793
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad
5acc64ee6d0daa058d135fc050b5b9be625c11db2edade7fa14b835842fe1346
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dfe18ac44c6576183e28fa3e3ba4de1eb065377aabfd7f2f7efbe455df8bc92
71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855
74f47caa639abe7fe6e86dce77c80a55c441ab538cc226755dd3589c34b82030
7a976ee7a5a94eeace0964f063e7d3ca23346cc27e6062fcfdd478cdb74f4632
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197
82eac8c1097a4025fa1e929a61d58fd03ad3b0fcf1202a066df400ba6f9f5bef
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386
99c2c7d30041b2903661abcc4da976b0c51d0bddcef857829b61c26b91be0675
9bd50fd3a8c54d54e705c1d7d25e26ac71b89567d2c0cf3cc0ade549c3937f65
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786
a02613705ac7729e7ff38fe1f672e160d9c9a9b89bcb14f7b987e729fa423357
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13
a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8
a98f2311299236b3b5679bc60b4b022798ffbe7e257de5344c254f5d4acd07f1
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364
b5cf2a0975474b9fc8d133b8c45caaefb580c0a208c251f75869d65aca5063c5
bb05f1830584bd421ff6356a1dfd23ae9c7f006211b8955ee096d96a79a7d41f
d3b60af3e06336b0e2bfc8fd69bd7076ee57cf276d0f4fc89c70217e08119ebb
d5590a780e994a7d9e767e67ea1e8f45c90f585fb4767bdb2b356a9a85e0efc1
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0
e467441a1ba01b26f2b317240e9baa04d66cf652e0baad3824827517bc6d155a
e6d4f17639a5fd3c3d38e11ad5f3aee80275e3d7ef7ed7317d036272012078ae
e78c9813830e2a862af759849ad502a58c3569e9cfd8aff883a79eaa2758e7fd
e8d365d1c63e2ea8cca4cd6350256b29b9aa3e833e8c5c43fce57b7e4fe07f01
faf63bc4635681e9130053e6f39615fa8cd7ba94d411201aebe49b2b326ac290
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8
fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73

www.nytimes.com Open in urlscan Pro 151.101.65.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

24 %IPv6

12 Domains

18 Subdomains

16 IPs

3 Countries

1074 kBTransfer

2959 kBSize

22 Cookies

9 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

24 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

1074 kB
Transfer

2959 kB
Size

22
Cookies

49 HTTP transactions
0 data transactions