urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.113.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRz...
Effective URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Submission: On September 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 13 domains to perform 60 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.223.233.247 (United States)

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com
e.newyorktimes.com
2    151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.nytimes.com
17    151.101.193.164 (United States)

ASN54113 (FASTLY, US)
mwcm.nyt.com
cigsvc.nytimes.com
a1.nyt.com
1    2a02:26f0:6c00:2bc::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    23.37.32.235 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-235.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
2    2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.nytimes.com
1    23.43.116.208 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-116-208.deploy.static.akamaitechnologies.com
a3013110282.cdn.optimizely.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.et.nytimes.com
4    104.108.38.55 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-38-55.deploy.static.akamaitechnologies.com
c.oracleinfinity.io
2    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
5290727.fls.doubleclick.net
2    178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    130.61.67.95 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)
dc.oracleinfinity.io
5    2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
2    34.200.62.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-62-85.compute-1.amazonaws.com
logx.optimizely.com
4    2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
lpcdn.lpsnmedia.net
3    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
2    54.173.3.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-3-159.compute-1.amazonaws.com
collectors.sumologic.com
Domain Requested by
15 mwcm.nyt.com www.nytimes.com
mwcm.nyt.com
lpcdn.lpsnmedia.net
5 accdn.lpsnmedia.net lptag.liveperson.net
5 a.et.nytimes.com www.nytimes.com
4 lpcdn.lpsnmedia.net lptag.liveperson.net
4 c.oracleinfinity.io www.googletagmanager.com
c.oracleinfinity.io
3 va.v.liveperson.net lptag.liveperson.net
2 collectors.sumologic.com mwcm.nyt.com
2 logx.optimizely.com cdn.optimizely.com
2 dc.oracleinfinity.io c.oracleinfinity.io
2 lptag.liveperson.net www.nytimes.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.nytimes.com mwcm.nyt.com
a1.nyt.com
2 www.nytimes.com cdn.optimizely.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com a1.nyt.com
1 a3013110282.cdn.optimizely.com cdn.optimizely.com
1 a1.nyt.com www.nytimes.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cigsvc.nytimes.com cdn.optimizely.com
1 cdn.optimizely.com www.nytimes.com
1 e.newyorktimes.com 1 redirects
60 24
Subject Issuer Validity Valid
nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-04-06		 2 years crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2020-03-05 -
2021-06-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
a.et.nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2022-11-16		 2 years crt.sh
c.oracleinfinity.io
DigiCert Secure Site ECC CA-1		 2020-07-24 -
2021-02-06		 6 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.liveperson.net
COMODO RSA Organization Validation Secure Server CA		 2017-12-17 -
2020-12-16		 3 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
dc.oracleinfinity.io
DigiCert SHA2 Secure Server CA		 2020-07-07 -
2021-09-05		 a year crt.sh
*.lpsnmedia.net
COMODO RSA Organization Validation Secure Server CA		 2018-02-26 -
2021-02-25		 3 years crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-10-01 -
2020-10-05		 2 years crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2020-04-13 -
2022-04-13		 2 years crt.sh
service.sumologic.com
GeoTrust EV RSA CA 2018		 2020-02-21 -
2022-02-20		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.nytimes.com/subscription?campaignId=9XHRL
Frame ID: BC66FF8FBD0069FA63D30AFD68B48603
Requests: 56 HTTP requests in this frame

Frame: https://a3013110282.cdn.optimizely.com/client_storage/a3013110282.html
Frame ID: 07642DFFA901D5C5E5DFF1B51026D934
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL
Frame ID: 58D413F0DD09E8E7AAAFC46C107B0475
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Frame ID: 77E00E69F932209B4587888FFBC2340D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2... HTTP 302
    https://www.nytimes.com/subscription?campaignId=9XHRL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers vary /Fastly-SSL/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

60
Requests

100 %
HTTPS

45 %
IPv6

13
Domains

24
Subdomains

21
IPs

6
Countries

759 kB
Transfer

2040 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCAY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2QIx1r4IUMwOF0fSGcxRniUy5W6mjfdemm_FfyFhzsb2M7jkEmpzTHnqLEU7m0hibosm2nBCNrxpARkKGv5ohZNinm4pK8cfzTI_szAa5gCQ5w0.&_di_=cmc91gpvhps0r4f8ulf5p7rtfuq7ul2d5ckimfk7chku7s0un960 HTTP 302
    https://www.nytimes.com/subscription?campaignId=9XHRL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request subscription
www.nytimes.com/
Redirect Chain
  • https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCAY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2Q...
  • https://www.nytimes.com/subscription?campaignId=9XHRL
35 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5e00ed246aff437decd9de86cefea27b3a46ac5bb7c9af06033d05da55490ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/subscription?campaignId=9XHRL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
expires
0
pragma
no-cache
server
nginx
x-magnolia-vary
x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency
x-origin-time
2020-09-18 20:38:59 UTC
accept-ranges
bytes bytes
age
0 0
date
Fri, 18 Sep 2020 20:38:59 GMT
x-served-by
cache-hhn4028-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1600461539.183642,VS0,VE415
vary
Accept-Encoding, x-nyt-country, x-nyt-user-status, x-nyt-continent, X-NYT-Currency, Fastly-SSL
set-cookie
nyt-a=1sgBIyx1eftg7DHjp-kdWE; Expires=Sat, 18 Sep 2021 20:38:59 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Sat, 19 Sep 2020 02:38:59 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhu; Expires=Sat, 18 Sep 2021 20:38:59 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure
access-control-allow-origin
*
access-control-allow-credentials
true
x-gdpr
1
x-frame-options
DENY
onion-location
https://www.nytimes3xbfgragh.onion/subscription?campaignId=9XHRL
x-api-version
F-X
x-nyt-route
mwcm
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=2592000
content-length
8916

Redirect headers

Date
Fri, 18 Sep 2020 20:38:59 GMT
Server
Apache
P3P
policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Cache-Control
no-store, no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGuzc1vMzfTPzfLzdWYRAmDAFImzgv52zbUSsMN06T2HFrmjzbd5zavzgzdccRzbBN9Al4ze18mypRdgzaVXtpKX%3DSTWCCAY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbm3YSgDBOg2QIx1r4IUMwOF0fSGcxRniUy5W6mjfdemm_FfyFhzsb2M7jkEmpzTHnqLEU7m0hibosm2nBCNrxpARkKGv5ohZNinm4pK8cfzTI_szAa5gCQ5w0; expires=Sun, 18-Sep-2022 20:38:59 GMT; Domain=.newyorktimes.com; Path=/pub; HttpOnly
Location
https://www.nytimes.com/subscription?campaignId=9XHRL
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
common.js
mwcm.nyt.com/.resources/mkt-wcm/dist/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c7c580276590fdeb9c8b2c37acb0b608ed7616a28684fd49ba71d1cce69da1a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
180845
x-cache
HIT
status
200
content-length
39406
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.667985,VS0,VE0
x-origin-server
mwcm-pub-est02.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
8
main.js
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/js/src/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/js/src/main.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a03933dcd96c80f04123e26cff9ddd9e299afc1bafcf6a53978292bdd68016f2

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
148457
x-cache
HIT
status
200
content-length
3249
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.667936,VS0,VE1
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56aa230966ead3adaba574f6d964fa46a85b751f986b0fc591a0e9be9bb5b764

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
180821
x-cache
HIT
status
200
content-length
6518
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.667977,VS0,VE1
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
landing_prod.js
cdn.optimizely.com/public/3013110282/s/ 		528 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb40dcfb7ef18e2fa5cb35a6476af8ebc3f87304d9804e28029469cb1541802f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
w3nF_AeJcLLpUrAnjFdFkXghE_WlZgyq
content-encoding
gzip
etag
"703a789544c2892ea9f57be9d1b8ae5e"
x-amz-request-id
D0DDDB1E03E78B63
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
PENDING
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2bc::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
147799
x-amz-id-2
Gk95xhcGU/ybIBvVKUbN9UnMzamAqNcbIu4wv/6QkAWe2ovZ+CeKsypgc7ab28H/1hjWQZXUxAI=
last-modified
Thu, 10 Sep 2020 17:28:46 GMT
server
AmazonS3
date
Fri, 18 Sep 2020 20:38:59 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
60979
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
logo-nyt-header.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo-nyt-header.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
189daf39387aadcc9db7650ee0e9108322ba7c424590a9aa9b019a547e0e45ca

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
180852
x-cache
HIT
status
200
content-length
2553
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.708777,VS0,VE1
x-origin-server
mwcm-pub-est04.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
logo_nyt_white.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo_nyt_white.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e02571635abb0e6cc008ad440ed3ce325f28caf7be8278cdfaf068747c31e58

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
180882
x-cache
HIT
status
200
content-length
1948
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.709655,VS0,VE0
x-origin-server
mwcm-pub-est01.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
627
userinfo-v3.json
www.nytimes.com/svc/web-products/ 		144 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/svc/web-products/userinfo-v3.json
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
3889dee276bf798c0f8fd8826c211fd752a54e0a0d446975b114b6aa055d2a2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
x-api-version
F-X
x-cache
HIT
status
200
content-length
144
x-served-by
cache-hhn4028-HHN
server
Varnish
strict-transport-security
max-age=2592000
onion-location
https://www.nytimes3xbfgragh.onion/svc/web-products/userinfo-v3.json
content-type
application/json
x-gdpr
1
x-nyt-route
service
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
retry-after
0
x-cache-hits
0
ip_seg_v2.rep
cigsvc.nytimes.com/r1/jp/ 		170 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?jsoncallback=callback
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:39:00 GMT
via
1.1 varnish
x-timer
S1600461540.857368,VS0,VE163
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript;charset=UTF-8
status
200
expires
0
cache-control
no-cache, no-cache="set-cookie"
x-cache-hits
0
accept-ranges
bytes
content-length
170
x-served-by
cache-cdg20744-CDG
geo2.js
cdn3.optimizely.com/js/ 		290 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.32.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-32-235.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b7f93c59da3bc65cddef6f9580fde650f055dc9e8d5b1b0b340ef7f074811fdb

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
0C0611D4BAE5A557
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=30417
Date
Fri, 18 Sep 2020 20:38:59 GMT
Connection
keep-alive
Content-Length
290
x-amz-id-2
7v0jVdsDaVuFkloSm87Qp6eTjuyP3PKOTOeNPgoo0dISWdPFABuwtcQ1rnDyYMzNGxMcwJUf2zw=
json-kidd.min.js
a1.nyt.com/analytics/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/json-kidd.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=hu1QRw==, md5=tk0OvQQ1nPA6XjE4ox+k5g==
date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
70803
x-guploader-uploadid
ABg5-UzZhkbk4bLbWZP89a5NvRPLfcpxa7t_m9s6EXJiTSLFRphiUAixIOb_kN7bJZib3q32DPS9m5q8YnDJkYDqSqKUWNF6vA
x-cache
HIT
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
44076
via
1.1 varnish
x-served-by
cache-cdg20744-CDG
accept-ranges
bytes
expires
Sat, 29 Aug 2020 00:46:28 GMT
last-modified
Thu, 27 Aug 2020 19:39:32 GMT
server
UploadServer
x-timer
S1600461540.846136,VS0,VE0
etag
"b64d0ebd04359cf03a5e3138a31fa4e6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1598557172966603
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
182146
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
2
52c4d302fc074552840a75b3f23f1c6a.jpg
mwcm.nyt.com/.resources/mkt-wcm/dist/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/52c4d302fc074552840a75b3f23f1c6a.jpg
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e391f0ccab9cec1bb5dbd6268a5783c6b461f12e5ab6e6c38b9af5759499db9f

Request headers

Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
179317
x-cache
HIT
status
200
content-length
42522
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.846327,VS0,VE1
content-type
image/jpeg;charset=UTF-8
x-origin-server
mwcm-pub-est10.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
nyt-franklin-700-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-700-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
180843
x-cache
HIT
status
200
content-length
29504
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.876419,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
nyt-cheltenham-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-500-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
180821
x-cache
HIT
status
200
content-length
32532
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.876507,VS0,VE1
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est06.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
nyt-franklin-600-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-600-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
180843
x-cache
HIT
status
200
content-length
48566
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.876523,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est04.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
nyt-cheltenham-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-cheltenham-300-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
180844
x-cache
HIT
status
200
content-length
16844
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.876404,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est10.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
3
index.min.js
mwcm.nyt.com/dam/jcr:2f7f1814-9b49-47cb-b0c7-600c47215280/ 		897 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/dam/jcr:2f7f1814-9b49-47cb-b0c7-600c47215280/index.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90068b0156a6a9c28ceee8051d732974b8e78b7c17312d9550c3c4b11c97b1a6

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
content-encoding
gzip
age
196623
x-cache
HIT
status
200
content-length
441
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Fri, 21 Aug 2020 14:40:11 GMT
server
nginx
x-timer
S1600461540.986161,VS0,VE1
x-origin-server
mwcm-pub-est10.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
data-layer
a.nytimes.com/svc/nyt/ 		950 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a85318426a7f29ae202314f91b26f5c5c80f0d5ad1ad066c2fc5633251867635

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
e2b8f37d8e05d700e68ca58c941ed6c9
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
487
expires
Fri, 18 Sep 2020 20:39:00 GMT
nyt-franklin-300-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-300-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:38:59 GMT
via
1.1 varnish
age
180844
x-cache
HIT
status
200
content-length
29448
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.999603,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
a3013110282.html
a3013110282.cdn.optimizely.com/client_storage/ Frame 0764 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a3013110282.cdn.optimizely.com/client_storage/a3013110282.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.116.208 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-43-116-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a3013110282.cdn.optimizely.com
:scheme
https
:path
/client_storage/a3013110282.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL

Response headers

status
200
x-amz-id-2
NF/ANPlFq8fv29UJeyDgHdKh9F2AvYRYaOrfRc6vFUj7TmVip+OSHXSnEIDRCISqTiopXqD2E14=
x-amz-request-id
C2D69492217370A8
x-amz-replication-status
COMPLETED
last-modified
Thu, 10 Sep 2020 17:28:16 GMT
etag
"200dc081a36c1137914a37d37fb3c17f"
x-amz-server-side-encryption
AES256
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
EwaW4ewuCcBXaz7i87l9bLZm8sYlQEPW
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
843
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=120
date
Fri, 18 Sep 2020 20:39:00 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="23.43.116.208";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
nyt-franklin-500-normal.woff
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/fonts/nyt-franklin-500-normal.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad

Request headers

Origin
https://www.nytimes.com
Referer
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gemini/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
via
1.1 varnish
age
148396
x-cache
HIT
status
200
content-length
29324
x-served-by
cache-cdg20780-CDG
access-control-allow-origin
*
last-modified
Wed, 16 Sep 2020 16:34:56 GMT
server
nginx
x-timer
S1600461540.020130,VS0,VE0
content-type
application/x-font-woff;charset=UTF-8
x-origin-server
mwcm-pub-est02.prd.iad1.nyt.net
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
5
gtm.js
www.googletagmanager.com/ 		356 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b4d7c9376884da0681b51381e823cab80641db592b81582b94f64ea23eda233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
br
vary
*
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82225
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
data-layer
a.nytimes.com/svc/nyt/ 		995 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&jkcb=1600461540031
Requested by
Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4caf93a3fcb5fc1ad43c2c87e3f87952ccd6f09e96bbac59e35e8c6d2e608d08

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
0e1df40c498d88d0ecc51427cc67daf9
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
513
expires
Fri, 18 Sep 2020 20:39:00 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
odc.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:39:00 GMT
Content-Encoding
gzip
Content-MD5
1EDP6vOJ/5leSnMJcbt5ww==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
10998
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:h2ywY_V5HEntmb5HsspZFyiOfODLHfcmvUrbAv6DUwjIXh-GREKJVTPvIclvoNdb
x-api-id
native
ETag
a127ca8e-29c4-4e59-864c-7de71c0592d5
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
454af658-eba1-49cc-82fb-e7f7fe05532c
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:39:00 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
analytics.js
www.google-analytics.com/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
319
date
Fri, 18 Sep 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 18 Sep 2020 22:33:41 GMT
activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=...
5290727.fls.doubleclick.net/ Frame 58D4
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u1...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgB...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF9QCL2&gtm_auth=28ykelszAvyta5q5YGRVOg&gtm_preview=env-53&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Sep 2020 20:39:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
486
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 18-Sep-2020 20:54:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Sep 2020 20:39:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMjL2OzH8-sCFYjmuwgdol4Juw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=742532474314;gtm=2wg990;auiddc=1712304640.1600461540;u4=;u5=;u6=;u7=1sgBIyx1eftg7DHjp-kdWE;u8=undefined;u10=;u11=1;u12=undefined;u13=;u14=;u15=;u16=MOPS;u17=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL;u1=;u2=;u3=;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
tag.js
lptag.liveperson.net/tag/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/j/ 		2 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=775920203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1527656536&gjid=739206066&cid=1381379312.1600461540&tid=UA-58630905-1&_gid=1502499067.1600461540&_r=1&gtm=2wg990WF9QCL2&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsubscription&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL&cd3=%3FcampaignId%3D9XHRL&cd9=&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd37=0&cd42=MOPS&cd43=&cd44=&cd45=&cd46=&cd48=null&cd49=blurb_under_100&cd52=&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd109=0&cd110=0&cd111=0&cd112=0&cd113=0&cd122=0&cd123=0&cd124=0&cd125=0&cd126=0&cd127=0&cd138=0&cd139=0&cd141=0&cd142=0&cd143=0&cd144=0&cd145=0&cd146=0&cd147=0&cd148=0&cd162=0&cd163=0&z=393577442
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:39:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-58630905-1&cid=1381379312.1600461540&jid=1527656536&gjid=739206066&_gid=1502499067.1600461540&_u=YEBAAEAAAAAAAC~&z=631881381
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Sep 2020 20:39:00 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics-production.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:39:00 GMT
Content-Encoding
gzip
Content-MD5
qnF0/5dScUlTxy1fgptUSg==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1429
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:uohTjxKAX9Iw-8gLxanfpGYERrG_iXItDNtAPNuZ-APTTcQC5yLddUHSOyAmscbh
x-api-id
native
ETag
bce2d2d6-0bcc-4034-ada0-181fcce0d61d
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
af0c379b-abd4-44f3-984d-c815e20cc683
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:39:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-1&cid=1381379312.1600461540&jid=1527656536&_u=YEBAAEAAAAAAAC~&z=1437587639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:39:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-1&cid=1381379312.1600461540&jid=1527656536&_u=YEBAAEAAAAAAAC~&z=1437587639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Sep 2020 20:39:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
common.js
c.oracleinfinity.io/acs/common/js/1.3.37/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:39:00 GMT
Content-Encoding
gzip
Content-MD5
i3lzre/Ca4wN1pXfrk1n9w==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
11579
Pragma
no-cache
Last-Modified
Sat, 11 Jul 2020 02:07:25 GMT
opc-request-id
iad-1:C1cgluLzpOccdCGh5B1c2ngxVl7QWD0TJv9qKQUr8u6Z9cfRmnlcEoShwxzGMrKY
x-api-id
native
ETag
9e584f22-eda0-480e-8f51-7abe4ffee9fe
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
d5e20d9f-cf77-4a6c-ab0c-a76641532980
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:39:00 GMT
analytics.js
c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/analytics-production/analytics.js
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/cialth61ui/js/main/odc.js?_ora.context=analytics:production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.38.55 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-38-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 20:39:00 GMT
Content-Encoding
gzip
Content-MD5
D3HHo8Mh9wet2GpeS+FoTg==
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
7914
Pragma
no-cache
Last-Modified
Fri, 07 Aug 2020 18:49:30 GMT
opc-request-id
iad-1:v83xgDMMO91QGbc6j7xmHWIlLBh4kl2IyD-ggN1PyCAVlyKR4mFvDnAjGLjKYeIF
x-api-id
native
ETag
ffd6a78f-0caa-490f-98b5-72af30429ab6
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type
application/javascript; charset=UTF-8
version-id
035a888c-cf65-4f86-ab79-775e4f6d7e8d
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,version-id,x-api-id
Cache-Control
max-age=0, no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Fri, 18 Sep 2020 20:39:00 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 		250 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
37866c50059a912eacfb4ebe249549d2faaade0274b65056768e6f93b2eaf8cb

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
wtid.js
dc.oracleinfinity.io/cialth61ui/ 		189 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc.oracleinfinity.io/cialth61ui/wtid.js?callback=ORA.analytics.dcsRef.dcsGetIdCallback
Requested by
Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
e0a31788b196293bb76a144ff722daf211f693cd451dc1c14caa39f674c94d1b

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Sep 2020 20:39:00 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/plain
Content-Length
189
Expires
-1
/
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb52568x48924
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
493bc9e842b71d62aef2ed48757661e67814bc277d1efb80f9ddf3a6a283289a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:39:53 GMT
zones
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
72246aeab063f977bdf850bcb9c6513cc79d5c61ff322b6bdef9edadee923dd1

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:00 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:39:53 GMT
events
logx.optimizely.com/v1/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.62.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-62-85.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 18 Sep 2020 20:39:01 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
b13261f2-7a18-468c-80f1-0ad6e6a1056c
dcs.gif
dc.oracleinfinity.io/cialth61ui/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.oracleinfinity.io/cialth61ui/dcs.gif?wt.tx_e=v&wt.si_n=Subscribe%20Flow&wt.si_x=1&wt.si_p=Offer%20View&wt.pn_sku=Basic%20Digital%20Access&wt.z_offerchain_id=XPASS&asset.url=https://www.nytimes.com/subscription&a14dv=1&dcsdat=1600461540796&dcssip=www.nytimes.com&dcsuri=/subscription&wt.tz=2&wt.bh=22&wt.ul=en-US&wt.cd=24&wt.sr=1600x1200&wt.jo=No&wt.ti=The%20New%20York%20Times:%20Digital%20and%20Home%20Delivery%20Subscriptions&wt.js=Yes&wt.bs=1600x1200&wt.dl=0&wt.ssl=1&wt.es=www.nytimes.com/subscription&campaignid=9XHRL&wt.tv=1.0.4&wt.ce=1&wt.vtid=add3dfcd-edf8-419d-8ad7-8731d7c5e580&wt.co_f=add3dfcd-edf8-419d-8ad7-8731d7c5e580&wt.vt_f=1&ora.tag_id=main&ora.tag_config=production
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Sep 2020 20:39:00 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
-1
events
logx.optimizely.com/v1/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/landing_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.62.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-62-85.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 18 Sep 2020 20:39:01 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
e1722366-01ce-499c-ae92-22a0c13098b3
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ Frame 77E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/subscription?campaignId=9XHRL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL

Response headers

status
200
date
Fri, 18 Sep 2020 20:39:02 GMT
content-type
text/html
last-modified
Mon, 30 Mar 2020 14:49:28 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Fri, 18 Sep 2020 20:49:02 GMT
cache-control
max-age=600
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.js?loc=https%3A%2F%2Fwww.nytimes.com&site=17743901&force=1&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:02 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 14:49:28 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:49:02 GMT
17743901
va.v.liveperson.net/api/js/ 		624 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?&cb=lpCb83629x81868&t=sp&ts=1600461540519&pid=5495510607&tid=2686756119&pt=The%20New%20York%20Times%3A%20Digital%20and%20Home%20Delivery%20Subscriptions&u=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%3FcampaignId%3D9XHRL&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
e3d33f3a48dc256adb4d156dc786825a700bc8e1b86fb8fca777ac24dd404177

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
overlay.js
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/overlay.js?_v=3.42.0.2-release_5022
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Aug 2020 12:50:18 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:49:03 GMT
UISuite.js
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Aug 2020 12:50:18 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 18 Sep 2020 20:49:03 GMT
2704
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/campaigns/1896709130/engagements/1896709630/revision/2704?v=3.0&cb=lp1896709630&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:40:03 GMT
/
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb62319x42269
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
26be869d66cd950d34c692a867694d3f9ade6457a45de8181450fd05548af03f

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:39:53 GMT
17743901
va.v.liveperson.net/api/js/ 		111 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?sid=W7R4qDFATgesTQSK88NNJg&cb=lpCb78211x57611&t=pl&ts=1600461542659&pid=5495510607&tid=2686756119&vid=MyNDFmYjkzZDEwOTkyM2Fk
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
b4e5f9f6d66ca603b72f0c98e50301d8ea2f3cacc338f251bff32398a1d35aa3

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
42828914
accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/17743901/configuration/engagement-window/window-confs/42828914?cb=lpCb44565x78461
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
94f6da6ecf3c271b36235319941801522a96780471661cd652843153c2f24c2a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
1
expires
Fri, 18 Sep 2020 20:40:03 GMT
chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
age
203952
x-cache
HIT
status
200
content-length
1285
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Mon, 19 Nov 2018 21:42:25 GMT
server
nginx
x-timer
S1600461543.301821,VS0,VE1
x-origin-server
mwcm-pub-est03.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
chat-buttononly.svg
mwcm.nyt.com/dam/LP/live_chat/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/LP/live_chat/images/chat-buttononly.svg
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
age
203952
x-cache
HIT
status
200
content-length
1285
x-served-by
cache-cdg20744-CDG
access-control-allow-origin
*
last-modified
Mon, 19 Nov 2018 21:42:25 GMT
server
nginx
x-timer
S1600461543.322697,VS0,VE0
x-origin-server
mwcm-pub-est03.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
17743901
va.v.liveperson.net/api/js/ 		42 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/17743901?sid=W7R4qDFATgesTQSK88NNJg&cb=lpCb48973x79782&t=uc&ts=1600461543315&pid=5495510607&tid=2686756119&vid=MyNDFmYjkzZDEwOTkyM2Fk&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1896709130%2C%22engId%22%3A1896709630%2C%22revision%22%3A2704%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
28bb3cc20d7ede4087ab1e27a7f134dade752793ecc02dc37343ee0eabb3408c

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Sep 2020 20:39:03 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==
collectors.sumologic.com/receiver/v1/http/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent
Protocol
HTTP/1.1
Server
54.173.3.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-3-159.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-sumo-category,x-sumo-host,x-sumo-name
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 18 Sep 2020 20:39:05 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,HEAD,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin,Content-Encoding,X-Sumo-Host,X-Sumo-Category,X-Sumo-Name,X-Sumo-Client,X-Sumo-Metadata,X-Sumo-Dimensions
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=15552000
Allow
GET, HEAD, POST, PUT, TRACE, OPTIONS
ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==
collectors.sumologic.com/receiver/v1/http/ 		0
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.3.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-3-159.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Sumo-Name
Frontend Monitoring
X-Sumo-Category
mwcm-prd
Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
X-Sumo-Host
https://mwcm-pub.prd.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Sep 2020 20:39:05 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
Content-Length
0
X-XSS-Protection
1; mode=block
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription?campaignId=9XHRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/subscription?campaignId=9XHRL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer undefined| _ object| optly_events object| optimizely object| NYToptly object| script object| observer object| webpackJsonpMarketing object| Marketing object| SLLogger function| SumoLogger object| NYTD function| safelyCollectKeyweeEvent function| trackMethod function| head object| global undefined| provide undefined| require function| $ undefined| ender object| ns_ object| TAGX function| run object| google_tag_manager function| postscribe function| nyt_et object| nytAnalytics function| initLivePerson object| lpTag string| campaignParams object| campaignParamsRegex function| campaignParamCompare function| getSrcParamValuesMap function| getValueWithDefault function| getQueryMap function| getCampaignMapping object| google_tag_data string| GoogleAnalyticsObject function| ga object| opty_payload undefined| jkidd_data_user_tracking object| dl_user object| gaplugins object| gaGlobal object| gaData object| ORA function| _typeof function| _extends object| proxyless object| lpMTagConfig

9 Cookies

Domain/Path Name / Value
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1600461540093&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
www.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
www.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: optimizelyEndUserId
Value: oeu1600461539768r0.6629985832634495
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhu
.nytimes.com/ Name: nyt-gdpr
Value: 1
.nytimes.com/ Name: nyt-a
Value: 1sgBIyx1eftg7DHjp-kdWE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
a3013110282.cdn.optimizely.com
accdn.lpsnmedia.net
c.oracleinfinity.io
cdn.optimizely.com
cdn3.optimizely.com
cigsvc.nytimes.com
collectors.sumologic.com
dc.oracleinfinity.io
e.newyorktimes.com
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mwcm.nyt.com
stats.g.doubleclick.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nytimes.com
104.108.38.55
130.61.67.95
151.101.113.164
151.101.193.164
162.223.233.247
178.249.101.23
208.89.12.87
216.58.212.134
23.37.32.235
23.43.116.208
2a00:1450:4001:800::2013
2a00:1450:4001:801::2013
2a00:1450:4001:808::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c09::9c
2a02:26f0:6c00:2bc::13b8
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.200.62.85
54.173.3.159
189daf39387aadcc9db7650ee0e9108322ba7c424590a9aa9b019a547e0e45ca
1d116412c9e71bbc23f6391bae43be3f896e66bd096d027d1305a0342b9ac097
26be869d66cd950d34c692a867694d3f9ade6457a45de8181450fd05548af03f
28bb3cc20d7ede4087ab1e27a7f134dade752793ecc02dc37343ee0eabb3408c
37866c50059a912eacfb4ebe249549d2faaade0274b65056768e6f93b2eaf8cb
3889dee276bf798c0f8fd8826c211fd752a54e0a0d446975b114b6aa055d2a2d
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
493bc9e842b71d62aef2ed48757661e67814bc277d1efb80f9ddf3a6a283289a
4caf93a3fcb5fc1ad43c2c87e3f87952ccd6f09e96bbac59e35e8c6d2e608d08
56aa230966ead3adaba574f6d964fa46a85b751f986b0fc591a0e9be9bb5b764
596b79be695dbe107180aa947e10b4eebeecc8fd240cf8a90f99f48fc01338ad
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1
6b4d7c9376884da0681b51381e823cab80641db592b81582b94f64ea23eda233
72246aeab063f977bdf850bcb9c6513cc79d5c61ff322b6bdef9edadee923dd1
7344f8edf7586116d09ef47538b695882d5ab1c5dc7c82d407b5bc9ab8a03f0a
7c37b9396a5a4231f27c16d1398221794a5a1bb3f6a734b6521338fbd9d51197
7c7c580276590fdeb9c8b2c37acb0b608ed7616a28684fd49ba71d1cce69da1a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90068b0156a6a9c28ceee8051d732974b8e78b7c17312d9550c3c4b11c97b1a6
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805
94f6da6ecf3c271b36235319941801522a96780471661cd652843153c2f24c2a
97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9e02571635abb0e6cc008ad440ed3ce325f28caf7be8278cdfaf068747c31e58
9e3291cd2580eddb057b806f48be65a19aef0896701036e5646652c3d6aa7786
a03933dcd96c80f04123e26cff9ddd9e299afc1bafcf6a53978292bdd68016f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4d4be90f7293004ea724171e497b51aeed73ac67abc38dbaf14954c5de09f13
a85318426a7f29ae202314f91b26f5c5c80f0d5ad1ad066c2fc5633251867635
ad868a610844684acd6cd66c0913d61b96dd9458e2477fc35d5ebb4b0fffc364
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
b4e5f9f6d66ca603b72f0c98e50301d8ea2f3cacc338f251bff32398a1d35aa3
b7f93c59da3bc65cddef6f9580fde650f055dc9e8d5b1b0b340ef7f074811fdb
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d5a8e0f45e44da9b86819deeaf6e1d659726912ba546f73453665183fdf64af0
d5e00ed246aff437decd9de86cefea27b3a46ac5bb7c9af06033d05da55490ce
dc112f66d073a232b20be3555d782096a9abbc26af1e5333bd80bc9ed1311423
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a31788b196293bb76a144ff722daf211f693cd451dc1c14caa39f674c94d1b
e391f0ccab9cec1bb5dbd6268a5783c6b461f12e5ab6e6c38b9af5759499db9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d33f3a48dc256adb4d156dc786825a700bc8e1b86fb8fca777ac24dd404177
e40f1ed2383b6346b6bac6b2c5e209f1d6805f7d6ffce933fcfdbc0bf72a6be0
eb40dcfb7ef18e2fa5cb35a6476af8ebc3f87304d9804e28029469cb1541802f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd5971eb7478a545172757bfbc027bce235ca0bea1443c4fc35a61c5dbedb8f8