www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.n...
Effective URL:
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Submission Tags: falconsandbox
Submission: On August 01 via api (August 1st 2021, 12:17:50 pm UTC) from US

Summary HTTP 52 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 52 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.191.219.3 52.191.219.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
15	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
4	104.111.250.109 104.111.250.109	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	130.61.67.95 130.61.67.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
4	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	52.31.175.99 52.31.175.99	16509 (AMAZON-02) (AMAZON-02)
4	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	34.198.170.218 34.198.170.218	14618 (AMAZON-AES) (AMAZON-AES)
52	16

1 52.191.219.3 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clk71.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.250.109 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-109.deploy.static.akamaitechnologies.com

c.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.61.67.95 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

dc.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-99.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.170.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-170-218.compute-1.amazonaws.com

collectors.sumologic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nyt.com mwcm.nyt.com a1.nyt.com	388 KB
9	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	55 KB
7	nytimes.com www.nytimes.com a.nytimes.com a.et.nytimes.com	15 KB
6	liveperson.net lptag.liveperson.net va.v.liveperson.net	107 KB
6	oracleinfinity.io c.oracleinfinity.io dc.oracleinfinity.io	36 KB
3	doubleclick.net 1 redirects 5290727.fls.doubleclick.net	979 B
2	sumologic.com collectors.sumologic.com	521 B
2	google-analytics.com www.google-analytics.com	19 KB
1	google.com adservice.google.com	262 B
1	adsrvr.org insight.adsrvr.org	261 B
1	googletagmanager.com www.googletagmanager.com	93 KB
1	clk71.com 1 redirects r.clk71.com	320 B
52	12

	Domain	Requested by
14	mwcm.nyt.com	www.nytimes.com mwcm.nyt.com lpcdn.lpsnmedia.net
5	accdn.lpsnmedia.net	lptag.liveperson.net
4	va.v.liveperson.net	lptag.liveperson.net
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	c.oracleinfinity.io	www.googletagmanager.com c.oracleinfinity.io
4	a.et.nytimes.com	www.nytimes.com
3	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	collectors.sumologic.com	mwcm.nyt.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dc.oracleinfinity.io	c.oracleinfinity.io
2	lptag.liveperson.net	www.nytimes.com
2	a.nytimes.com	mwcm.nyt.com a1.nyt.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	insight.adsrvr.org
1	www.googletagmanager.com	a1.nyt.com
1	a1.nyt.com	www.nytimes.com
1	www.nytimes.com
1	r.clk71.com	1 redirects
52	18

This site contains links to these domains. Also see Links.

Domain
help.nytimes.com
myaccount.nytimes.com
nyt.qualtrics.com
www.nytco.com
optout.privacyrights.info
www.privacyrights.info
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
a.nytimes.com GTS CA 1D4	`2021-07-18` - `2021-10-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2021-08-01` - `2021-10-30`	3 months	crt.sh
c.oracleinfinity.io DigiCert SHA2 Secure Server CA	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
dc.oracleinfinity.io DigiCert SHA2 Secure Server CA	`2020-07-07` - `2021-09-05`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
service.sumologic.com GeoTrust EV RSA CA 2018	`2020-02-21` - `2022-02-20`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Frame ID: 6188085BA9F0F3854E105F11C5E62F3F
Requests: 48 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Frame ID: 71853F26BF1957F546B774CF649BD7D5
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM
Frame ID: DE57A718FB865E520D99B683DE45380A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url... HTTP 302
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

52
Requests

100 %
HTTPS

29 %
IPv6

12
Domains

18
Subdomains

16
IPs

4
Countries

714 kB
Transfer

1827 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel.
Title: Cancellation and Refund Policy

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=77YH8
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: cancel

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_6xph8FSrgDdOgap
Title: Tell us why.

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: The New York Times Company

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/membercenter/feedback.html
Title: Feedback

Search URL Search Domain Scan URL

URL: https://optout.privacyrights.info/?c=1
Title: website

Search URL Search Domain Scan URL

URL: https://www.privacyrights.info/appchoices
Title: apps

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM HTTP 302
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request subscription Show response
www.nytimes.com/
Redirect Chain

http://r.clk71.com/rs.ashx?ms=MLBU07%3A143496_115211&e=egross%40fhlbc.com&eId=834841845&c=h&url=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid...
https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

51 KB
12 KB

227ms
209ms

Document
text/html

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c6f7d6a9f7d01ff4f6fa0940ebbac00dd470f4808a47d68dfc7648d43dae22e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Frame-Options	DENY

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
expires: 0
pragma: no-cache
server: nginx
x-magnolia-vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, X-NYT-Currency
x-origin-time: 2021-08-01 12:17:33 UTC
accept-ranges: bytes
date: Sun, 01 Aug 2021 12:17:33 GMT
x-served-by: cache-fra19131-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1627820253.139252,VS0,VE202
vary: Accept-Encoding, x-nyt-user-status, x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
set-cookie: nyt-a=Z7DHGXbBNzkP9lIzDeROTw; Expires=Mon, 01 Aug 2022 12:17:33 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Sun, 01 Aug 2021 18:17:33 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Mon, 01 Aug 2022 12:17:33 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/subscription?campaignId=77YH8&mc=ERental
x-api-version: F-X
x-nyt-route: mwcm
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 11551

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 01 Aug 2021 12:17:33 GMT
Content-Length: 213

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 220 KB
69 KB 37ms
11ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77a92318443d095c0a856fe9db90ed1541b8a7c398767288526f36cf209c2dd4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 346130
x-cache: HIT
content-length: 70290
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627820253.383589,VS0,VE0
x-origin-server: mwcm-pub-est08.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2038

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/js/src/ 14 KB
4 KB 50ms
23ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40350e2ee0e933e970bb1d3e8c56f1a9058b14d96bce6c9dc0a436c45aad1d9b

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 295495
x-cache: HIT
content-length: 4350
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627820253.383604,VS0,VE1
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/ 36 KB
6 KB 50ms
24ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a023a541f8c0a01e22455cd250072c77617c034aaaec90275d873373d2eebcf

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 346027
x-cache: HIT
content-length: 6080
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627820253.383626,VS0,VE1
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo-nyt-header.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 5 KB
2 KB 8ms
7ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo-nyt-header.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 346131
x-cache: HIT
content-length: 1844
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
x-timer: S1627820253.407513,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1628

GET
H2 200 logo_nyt_white.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 5 KB
2 KB 9ms
8ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo_nyt_white.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b1ccd6baa74deba9b066d2cebb5d57556a198e17e40adfe43784304c06799fb

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 346027
x-cache: HIT
content-length: 1871
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
x-timer: S1627820253.411101,VS0,VE1
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 178 KB
44 KB 20ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/json-kidd.min.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=7T8KVw==, md5=jRcAPpBidNzVVOzFxaudQQ==
date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
content-type: application/javascript
age: 37809
x-guploader-uploadid: ADPycdsLAvvpJYJ9pDBZo4kVQ_vxyg380YlXBD0-e3m0jCs_XIDKt-advvlxkQ-nVC6fzpAuUdV5Nk3JKkTeuoFWRz84W5wa_Q
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 44066
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
accept-ranges: bytes
expires: Fri, 16 Jul 2021 00:31:12 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1627820253.422748,VS0,VE0
etag: "8d17003e906274dcd554ecc5c5ab9d41"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975877156
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 182122
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 111

GET
H2 200 4-top.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/subscription/ 181 KB
75 KB 9ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/subscription/4-top.svg
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3b60af3e06336b0e2bfc8fd69bd7076ee57cf276d0f4fc89c70217e08119ebb

Request headers

Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
age: 204229
x-cache: HIT
content-length: 77150
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:44 GMT
server: nginx
x-timer: S1627820253.413962,VS0,VE1
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 nyt-franklin-700-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 41ms
12ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-700-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 346074
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820253.443057,VS0,VE1
access-control-allow-origin: *
content-length: 29504
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 32 KB
32 KB 41ms
13ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-500-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 346026
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820253.443013,VS0,VE1
access-control-allow-origin: *
content-length: 32532
x-cache-hits: 1

GET
H2 200 nyt-franklin-600-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 47 KB
48 KB 41ms
13ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 346074
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820253.443037,VS0,VE1
access-control-allow-origin: *
content-length: 48566
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 16 KB
17 KB 36ms
8ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-300-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 346026
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820253.442996,VS0,VE1
access-control-allow-origin: *
content-length: 16844
x-cache-hits: 1

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 950 B
1 KB 259ms
227ms XHR
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 81ac6b4e03d6191d9d55c091a8ed07e2d00fdcfc92301168f9890cbb0c0e166f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 68917ce45c1bfd0d3d8aa463135c1f5c
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 486
expires: Sun, 01 Aug 2021 12:17:33 GMT

GET
H2 200 nyt-franklin-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 10ms
10ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-500-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 302067
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820254.560521,VS0,VE1
access-control-allow-origin: *
content-length: 29324
x-cache-hits: 1

GET
H2 200 nyt-franklin-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 29 KB
29 KB 10ms
9ms Font
application/x-font-woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-300-normal.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini2/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
via: 1.1 varnish
last-modified: Tue, 27 Jul 2021 18:59:42 GMT
server: nginx
age: 346129
x-served-by: cache-hhn4054-HHN
x-cache: HIT
content-type: application/x-font-woff;charset=UTF-8
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1627820254.571906,VS0,VE1
access-control-allow-origin: *
content-length: 29448
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
93 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1c7314cb5d4efda8fab94686c8a8e1d4f54980e1e49efc72b07cd60de6d580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95003
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 995 B
1 KB 620ms
620ms XHR
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&jkcb=1627820253604
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 85d90ac5f1025892cf09124985207b5a4725f3c8a5a1ffd79684e88622a14c98

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: d4affd18b40d7a79213b5fc2edd74472
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 513
expires: Sun, 01 Aug 2021 12:17:34 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
101ms Ping
application/json 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK odc.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 39 KB
12 KB 85ms
26ms Script
application/javascript 104.111.250.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 12:17:33 GMT
Content-Encoding: gzip
Content-MD5: 1EDP6vOJ/5leSnMJcbt5ww==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 10998
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:vyab7EKokIcC5lnt9buS7edxnLijzZnoLqz9NzoZ4VwRDFYraXHH8sNlYEK1ODJV
x-api-id: native
ETag: a127ca8e-29c4-4e59-864c-7de71c0592d5
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: 454af658-eba1-49cc-82fb-e7f7fe05532c
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sun, 01 Aug 2021 12:17:33 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 101ms
21ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H/1.1 200
OK analytics-production.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 4 KB
2 KB 28ms
28ms Script
application/javascript 104.111.250.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 12:17:33 GMT
Content-Encoding: gzip
Content-MD5: qnF0/5dScUlTxy1fgptUSg==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 1429
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:TUJHScDmBzTKI5-CszNP2J36p9-EX05jgex56aLzAnz5jQXUg79WnFmgSQFThjCm
x-api-id: native
ETag: bce2d2d6-0bcc-4034-ada0-181fcce0d61d
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: af0c379b-abd4-44f3-984d-c815e20cc683
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sun, 01 Aug 2021 12:17:33 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 267 KB
95 KB 40ms
40ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 3f83d37bd9b1e4b7f32847524b4c384e11ecb3f81812ec299911049f5d84fe3a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:33 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H/1.1 200
OK common.js Show response
c.oracleinfinity.io/acs/common/js/1.3.37/ 33 KB
12 KB 27ms
27ms Script
application/javascript 104.111.250.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 12:17:33 GMT
Content-Encoding: gzip
Content-MD5: i3lzre/Ca4wN1pXfrk1n9w==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 11579
Pragma: no-cache
Last-Modified: Sat, 11 Jul 2020 02:07:25 GMT
opc-request-id: iad-1:v3IadRD9AJwz4_K2OcUk7yqWYWlTqvMygkg49TIR96I3c7hKaYw8mJqofixbVa_b
x-api-id: native
ETag: 9e584f22-eda0-480e-8f51-7abe4ffee9fe
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: d5e20d9f-cf77-4a6c-ab0c-a76641532980
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sun, 01 Aug 2021 12:17:33 GMT

GET
H/1.1 200
OK analytics.js Show response
c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/ 24 KB
9 KB 54ms
26ms Script
application/javascript 104.111.250.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/analytics.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 12:17:33 GMT
Content-Encoding: gzip
Content-MD5: D3HHo8Mh9wet2GpeS+FoTg==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 7914
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id: iad-1:t6w9gD4JbzFRv8pUGwzFURsooh5DHiGE9FHL8QW-nBUMbJ6Y8HHHYrdnl93aA3k8
x-api-id: native
ETag: ffd6a78f-0caa-490f-98b5-72af30429ab6
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: 035a888c-cf65-4f86-ab79-775e4f6d7e8d
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Sun, 01 Aug 2021 12:17:33 GMT

GET
H/1.1 200
OK wtid.js Show response
dc.oracleinfinity.io/cialth61ui/ 189 B
372 B 38ms
8ms Script
text/plain 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://dc.oracleinfinity.io/cialth61ui/wtid.js?callback=ORA.analytics.dcsRef.dcsGetIdCallback
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8ec3c4e060456349104bf409a2551ee2cdd06e208d421608b866b33189d41647

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 12:17:33 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/plain
Content-Length: 189
Expires: -1

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 6 KB
2 KB 86ms
19ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb63098x30828
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 8d1602cce70b91b35575ae0445c130447299dc030305d4907b11b1bae2ef2b90

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Sun, 01 Aug 2021 12:17:53 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 13 KB
2 KB 89ms
32ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 3b6f2833dae8dbde95a60847d13b5f1ec600046155b9b4d3ebb3827204376106

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Sun, 01 Aug 2021 12:17:53 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/ Frame 7185 39 KB
16 KB 124ms
40ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-type: text/html
last-modified: Wed, 16 Jun 2021 19:00:26 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Sun, 01 Aug 2021 12:27:34 GMT
cache-control: max-age=600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3833
date: Sun, 01 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 01 Aug 2021 13:13:41 GMT

GET
H3-29

200

activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10... Show response
5290727.fls.doubleclick.net/ Frame DE57
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7D...

703 B
493 B

41ms
26ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

86d61b506ced9c0295000cc7b812b12f1bba4ccc0f656436d192b24bea446a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 01 Aug 2021 12:17:34 GMT
expires: Sun, 01 Aug 2021 12:17:34 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 468
x-xss-protection: 0
set-cookie: IDE=AHWqTUmwt9lMnM5UFldULasw1e8XslejDsZz6zwMLxD_HzGiyllkQHuG38b02WiKfqc; expires=Fri, 26-Aug-2022 12:17:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 01 Aug 2021 12:17:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Ping
application/json 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=...
5290727.fls.doubleclick.net/ 0
0 32ms
16ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5290727.fls.doubleclick.net/activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 97ms
31ms Image
image/gif 52.31.175.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1352647767
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 12:17:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1548640798&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=USGM&cs=SMS&cm=ERental&ck=&cc=&_u=YEBAAEABAAAAAC~&jid=2000499929&gjid=1492753638&cid=419687886.1627820254&tid=UA-58630905-1&_gid=1246954155.1627820254&_r=1&gtm=2wg7s0WF9QCL2&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&cd3=%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&cd9=&cd10=SMS&cd13=null&cd14=null&cd15=paid&cd16=marketing_campaign&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd37=0&cd42=MOPS&cd43=&cd44=&cd45=&cd46=&cd48=null&cd49=blurb_under_100&cd52=&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd109=0&cd110=0&cd111=0&cd112=0&cd113=0&cd122=0&cd123=0&cd124=0&cd125=0&cd126=0&cd127=0&cd138=0&cd139=0&cd141=0&cd142=0&cd143=0&cd144=0&cd145=0&cd146=0&cd147=0&cd148=0&cd162=0&cd163=0&z=1792241356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 12:17:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcs.gif
dc.oracleinfinity.io/cialth61ui/ 43 B
371 B 8ms
8ms Image
image/gif 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dc.oracleinfinity.io/cialth61ui/dcs.gif?wt.tx_e=v&wt.si_n=Subscribe%20Flow&wt.si_x=1&wt.si_p=Offer%20View&wt.pn_sku=Basic%20$.50%20week%20for%2052%20weeks%20then%20$2.00%20per%20week%20After%20International%20Only;Premium%20HD%2050%25%20off%20for%2052%20weeks%20WCM&wt.z_offerchain_id=XPASS;SS&wt.offerid=1281e5fc-d028-11ea-a072-340cee6a52b6&dcsdat=1627820254317&dcssip=www.nytimes.com&dcsuri=/subscription&wt.tz=2&wt.bh=14&wt.ul=en-US&wt.cd=24&wt.sr=1600x1200&wt.jo=No&wt.ti=The%20New%20York%20Times:%20Digital%20and%20Home%20Delivery%20Subscriptions&wt.js=Yes&wt.bs=1600x1200&wt.dl=0&wt.ssl=1&wt.es=www.nytimes.com/subscription&campaignid=77YH8&mcid=SMS&mc=ERental&subid=USGM&wt.tv=1.0.4&wt.ce=1&wt.vtid=7071c2fd-9a50-48b1-8f25-8d98d1d6fdaa&wt.co_f=7071c2fd-9a50-48b1-8f25-8d98d1d6fdaa&wt.vt_f=1&ora.tag_id=main&ora.tag_config=production

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 12:17:34 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cache-Control: no-cache
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/ 38 KB
15 KB 34ms
34ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.js?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 540834be0c71d9542ef6ff9fb4b79e8dc6fba5d70546a3e1d1583869a4b2f6ff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 19:00:26 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sun, 01 Aug 2021 12:27:34 GMT

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 625 B
1 KB 504ms
201ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?&cb=lpCb29958x61836&t=sp&ts=1627820253943&pid=4427731547&tid=4195132865&pt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&u=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: d064286e4803fc975f9a92e947b366566a928924f0d7024e33ad0013bb2fdf2f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=*;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14...
adservice.google.com/ddm/fls/z/ Frame DE57 42 B
262 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=*;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjvjoDnj_ICFbsFBgAdEnYGWQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1319167210033;gtm=2wg7s0;auiddc=1962385090.1627820254;u4=;u5=;u6=;u7=Z7DHGXbBNzkP9lIzDeROTw;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM;u1=;u2=;u3=;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D77YH8%26mcid%3DSMS%26mc%3DERental%26subid%3DUSGM?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 12:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.47.0.1-release_5076/jsv2/ 7 KB
3 KB 22ms
21ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.47.0.1-release_5076/jsv2/overlay.js?_v=3.47.0.1-release_5076
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: d75d107b648aeb7a906bf7664076d847d7a4a0421f04ded9d68287685d0769a0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 15:20:45 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sun, 01 Aug 2021 12:27:34 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.47.0.1-release_5076/jsv2/ 30 KB
12 KB 35ms
35ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.47.0.1-release_5076/jsv2/UISuite.js?_v=3.47.0.1-release_5076
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 15:20:45 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sun, 01 Aug 2021 12:27:34 GMT

GET
H2 200 2704 Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/ 3 KB
2 KB 35ms
35ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/2704?v=3.0&cb=lp1896709630&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Sun, 01 Aug 2021 12:18:34 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 6 KB
2 KB 22ms
22ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb98106x93965
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 376b31af0aee721169e20ae9104079a894f29743d4bd860ce0a56a15630a995e

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Sun, 01 Aug 2021 12:17:53 GMT

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 99ms
99ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=dqW0IuX8TsyFc4u9yHjWcA&cb=lpCb96609x15620&t=pl&ts=1627820254325&pid=4427731547&tid=4195132865&vid=AwYTBjNGU5OWQzM2U5YTkw
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: b7ef4a17e75e1728a3ec2824bdbbb968074f79be8f88954acac55f62a69315b8

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 42828914 Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/ 4 KB
1 KB 90ms
90ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/42828914?cb=lpCb50905x34640
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 1684fc48a4b422881f6ec0e5d04db5d3934ded1340ad8d2e7fe83c209b5b6b84

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 0
expires: Sun, 01 Aug 2021 12:18:34 GMT

GET
H2 200 chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 3 KB
1 KB 9ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
age: 300872
x-cache: HIT
content-length: 1285
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Mon, 19 Nov 2018 21:42:25 GMT
server: nginx
x-timer: S1627820255.969853,VS0,VE1
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 3 KB
1 KB 9ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.47.0.1-release_5076/jsv2/UISuite.js?_v=3.47.0.1-release_5076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:34 GMT
content-encoding: gzip
age: 300872
x-cache: HIT
content-length: 1285
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Mon, 19 Nov 2018 21:42:25 GMT
server: nginx
x-timer: S1627820255.984489,VS0,VE0
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 99ms
99ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=dqW0IuX8TsyFc4u9yHjWcA&cb=lpCb46996x86819&t=uc&ts=1627820254982&pid=4427731547&tid=4195132865&vid=AwYTBjNGU5OWQzM2U5YTkw&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1896709130%2C%22engId%22%3A1896709630%2C%22revision%22%3A2704%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 7f3a79c58d2fcb8141392e6fae4e4254edc4f25fc549c65c0e50dfd3e7b1c3d3

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:35 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg== Show response
collectors.sumologic.com/receiver/v1/http/ 0
521 B 105ms
104ms XHR
text/plain 34.198.170.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.170.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-170-218.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Sumo-Name: Frontend Monitoring
X-Sumo-Category: mwcm-prd
Referer: https://www.nytimes.com/
X-Sumo-Host: https://mwcm-pub.prd.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 01 Aug 2021 12:17:39 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
strict-transport-security: max-age=15552000
vary: Origin
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 200 ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==
collectors.sumologic.com/receiver/v1/http/ Frame 0
0 375ms
102ms Preflight 34.198.170.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent

Protocol

Server

34.198.170.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-170-218.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-sumo-category,x-sumo-host,x-sumo-name
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 01 Aug 2021 12:17:39 GMT
content-length: 0
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,Content-Encoding,X-Sumo-Host,X-Sumo-Category,X-Sumo-Name,X-Sumo-Client,X-Sumo-Metadata,X-Sumo-Dimensions
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
allow: GET, HEAD, POST, PUT, TRACE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
101ms Ping
application/json 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=77YH8&mcid=SMS&mc=ERental&subid=USGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 73 B
823 B 98ms
97ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=dqW0IuX8TsyFc4u9yHjWcA&cb=lpCb12753x38254&t=ip&ts=1627820264934&pid=4427731547&tid=4195132865&vid=AwYTBjNGU5OWQzM2U5YTkw
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 93f8c907b065e5f4204803b2ff87cd51a5e602acb94fa04588ad3b82e1fdfcaf

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:17:44 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 04:55:56	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-19 20:10:41	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 04:55:56	Name: nyt-a Value: Z7DHGXbBNzkP9lIzDeROTw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
accdn.lpsnmedia.net
adservice.google.com
c.oracleinfinity.io
collectors.sumologic.com
dc.oracleinfinity.io
insight.adsrvr.org
lpcdn.lpsnmedia.net
lptag.liveperson.net
mwcm.nyt.com
r.clk71.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.nytimes.com
104.111.250.109
130.61.67.95
142.250.186.70
151.101.13.164
151.101.193.164
178.249.97.23
178.249.97.98
178.249.97.99
208.89.12.87
2a00:1450:4001:811::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2013
34.198.170.218
52.191.219.3
52.31.175.99
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1684fc48a4b422881f6ec0e5d04db5d3934ded1340ad8d2e7fe83c209b5b6b84
1b1ccd6baa74deba9b066d2cebb5d57556a198e17e40adfe43784304c06799fb
1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097
1e1c7314cb5d4efda8fab94686c8a8e1d4f54980e1e49efc72b07cd60de6d580
376b31af0aee721169e20ae9104079a894f29743d4bd860ce0a56a15630a995e
3b6f2833dae8dbde95a60847d13b5f1ec600046155b9b4d3ebb3827204376106
3f83d37bd9b1e4b7f32847524b4c384e11ecb3f81812ec299911049f5d84fe3a
40350e2ee0e933e970bb1d3e8c56f1a9058b14d96bce6c9dc0a436c45aad1d9b
540834be0c71d9542ef6ff9fb4b79e8dc6fba5d70546a3e1d1583869a4b2f6ff
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a
77a92318443d095c0a856fe9db90ed1541b8a7c398767288526f36cf209c2dd4
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197
7f3a79c58d2fcb8141392e6fae4e4254edc4f25fc549c65c0e50dfd3e7b1c3d3
81ac6b4e03d6191d9d55c091a8ed07e2d00fdcfc92301168f9890cbb0c0e166f
85d90ac5f1025892cf09124985207b5a4725f3c8a5a1ffd79684e88622a14c98
86d61b506ced9c0295000cc7b812b12f1bba4ccc0f656436d192b24bea446a7c
8d1602cce70b91b35575ae0445c130447299dc030305d4907b11b1bae2ef2b90
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3c4e060456349104bf409a2551ee2cdd06e208d421608b866b33189d41647
93f8c907b065e5f4204803b2ff87cd51a5e602acb94fa04588ad3b82e1fdfcaf
9a023a541f8c0a01e22455cd250072c77617c034aaaec90275d873373d2eebcf
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364
b7ef4a17e75e1728a3ec2824bdbbb968074f79be8f88954acac55f62a69315b8
c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056
c6f7d6a9f7d01ff4f6fa0940ebbac00dd470f4808a47d68dfc7648d43dae22e9
d064286e4803fc975f9a92e947b366566a928924f0d7024e33ad0013bb2fdf2f
d3b60af3e06336b0e2bfc8fd69bd7076ee57cf276d0f4fc89c70217e08119ebb
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0
d75d107b648aeb7a906bf7664076d847d7a4a0421f04ded9d68287685d0769a0
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8

www.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

29 %IPv6

12 Domains

18 Subdomains

16 IPs

4 Countries

714 kBTransfer

1827 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

29 %
IPv6

12
Domains

18
Subdomains

16
IPs

4
Countries

714 kB
Transfer

1827 kB
Size

3
Cookies

52 HTTP transactions
0 data transactions