myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4Td...
Effective URL:
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.c...
Submission: On August 26 via api (August 26th 2020, 10:09:32 am UTC) from US

Summary HTTP 45 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 45 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is myaccount.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time myaccount.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.233.247 162.223.233.247	15334 (RESPONSYS) (RESPONSYS)
18	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	195.35.90.82 195.35.90.82	15768 (ASWORLDPAY) (ASWORLDPAY)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2013	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:1a00:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
45	12

1 162.223.233.247 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com

e.newyorktimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.35.90.82 (Chingford, United Kingdom)

ASN15768 (ASWORLDPAY, GB)

payments.worldpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:1a00:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	nytimes.com myaccount.nytimes.com a.nytimes.com a.et.nytimes.com et.nytimes.com Failed dd.nytimes.com	2 MB
7	nyt.com a1.nyt.com typeface.nyt.com	222 KB
4	google.com 1 redirects www.google.com	842 B
3	paypal.com www.paypal.com t.paypal.com Failed	5 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	gstatic.com www.gstatic.com	132 KB
1	google.de www.google.de	106 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	152 B
1	liveperson.net lptag.liveperson.net	7 KB
1	googletagmanager.com www.googletagmanager.com	68 KB
1	worldpay.com payments.worldpay.com	36 KB
1	newyorktimes.com 1 redirects e.newyorktimes.com	813 B
0	chasepaymentech.com Failed safetechpageencryption.chasepaymentech.com Failed
45	13

	Domain	Requested by
11	myaccount.nytimes.com	myaccount.nytimes.com
6	typeface.nyt.com	myaccount.nytimes.com
4	www.google.com	1 redirects myaccount.nytimes.com www.gstatic.com
4	a.et.nytimes.com	myaccount.nytimes.com
3	www.paypal.com	myaccount.nytimes.com
2	dd.nytimes.com	myaccount.nytimes.com dd.nytimes.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	a.nytimes.com	a1.nyt.com dd.nytimes.com
1	www.gstatic.com	www.google.com
1	www.google.de	myaccount.nytimes.com
1	stats.g.doubleclick.net	1 redirects
1	lptag.liveperson.net	myaccount.nytimes.com
1	www.googletagmanager.com	a1.nyt.com
1	payments.worldpay.com	myaccount.nytimes.com
1	a1.nyt.com	myaccount.nytimes.com
1	e.newyorktimes.com	1 redirects
0	et.nytimes.com Failed	myaccount.nytimes.com
0	t.paypal.com Failed	myaccount.nytimes.com
0	safetechpageencryption.chasepaymentech.com Failed	myaccount.nytimes.com
45	19

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
policies.google.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
payments.worldpay.com DigiCert Global CA G2	`2020-08-14` - `2021-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
*.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2017-12-17` - `2020-12-16`	3 years	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-29` - `2021-04-02`	9 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Frame ID: 97E514BC5684CA75FB1D0F9F26B3A55A
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&badge=none&cb=h9fht81oudmb
Frame ID: 3606C98D94B3DDA28648FFEE0C092182
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=er76v4mzu8au
Frame ID: A8772E63F9B479F01C2749CA87B697DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2... HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8 Page URL
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

45
Requests

84 %
HTTPS

64 %
IPv6

13
Domains

19
Subdomains

12
IPs

5
Countries

2722 kB
Transfer

3792 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/content/help/rights/privacy/policy/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/membercenter/sitehelp.html
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/help/index.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/california-notice
Title: California Notices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs.&_di_=2kr48t4uo175qggj90m4udbb4lcg1do24r3iohqicc926kom5ma0 HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8 Page URL
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs.&_di_=2kr48t4uo175qggj90m4udbb4lcg1do24r3iohqicc926kom5ma0 HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=890990940&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&dr=&dp=%2Fget-started%3Fproduct%3Dunknown%26mode%3Ddigi%26rate%3Dregular99%3D%2Fget-started%2Fmanage-billing%26hash%3D&ul=en-us&de=UTF-8&dt=New%20York%20Times%20Manage%20Billing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=605338738&gjid=600473445&cid=1062932271.1598436557&tid=UA-58630905-1&_gid=605648646.1598436557&_r=1&gtm=2wg8c0TQS5DX3&cd1=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&cd2=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8&cd3=%3FcampaignId%3D666L8&cd4=Digital%20Subscription&cd9=&cd10=&cd14=&cd15=earned&cd16=referring_links&cd26=&cd27=&cd28=&cd29=&cd37=0&cd42=seg-pip&cd48=&cd49=blurb_under_100&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&z=1048565563 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_gid=605648646.1598436557&gjid=600473445&_v=j83&z=1048565563 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563&slf_rd=1&random=887397751

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

manage-billing Show response
myaccount.nytimes.com/get-started/
Redirect Chain

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYH...
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

1 KB
2 KB

532ms
442ms

Document
text/html

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f94796ac272393433aa673c47b2915f8d2727cecb8e58a8923f6cac12827fe85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /get-started/manage-billing?campaignId=666L8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: SAMEORIGIN DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-datadome-timer: (null),VE401
accept-ranges: bytes bytes
age: 0 0
date: Wed, 26 Aug 2020 10:09:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19131-FRA
x-cache: MISS
x-cache-hits: 0
x-nyt-route: payflow
x-api-version: F-X
content-length: 1455

Redirect headers

Date: Wed, 26 Aug 2020 10:09:15 GMT
Server: Apache
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: 6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGpvp6U1nSyF9ytNCPUtMTngCOqpUiYppzgavdn0wS2TTSM7OWqKvzeJRGzf4TdrkOoDVXtpKX%3DAACTCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnVt9fe-YzBTuNzdXIQcU_u4UYHBEjkwJcR_LffatxLIDkp2nmyJ7SKpcbJfvR0qByLd0Xk5ToCKi9GvYBGgNi3BcEnHugVhA4Wrmu7REs; expires=Fri, 26-Aug-2022 10:09:15 GMT; Domain=.newyorktimes.com; Path=/pub; HttpOnly
Location: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H2 200 main.css
myaccount.nytimes.com/get-started/css/ 143 KB
143 KB 95ms
92ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/css/main.css

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f4286b35f136f307a65813bdc9b82c5cba8a96eb2fa1b73a469376bce609612b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 296
x-cache: HIT
status: 200
content-length: 146234
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
last-modified: Mon, 24 Aug 2020 16:41:44 GMT
server: Apache
date: Wed, 26 Aug 2020 10:09:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Wed, 26 Aug 2020 06:21:58 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE378
x-nyt-route: payflow
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor.bundle.5c835e4ef37b114a351e.js Show response
myaccount.nytimes.com/get-started/js/dest/ 152 KB
153 KB 43ms
41ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/vendor.bundle.5c835e4ef37b114a351e.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

51b074b4841b5139338dcf47dd8f3524568ac06145c2ee9361f6ba88c8fbf3dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 296
x-cache: HIT
status: 200
content-length: 155902
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
last-modified: Mon, 24 Aug 2020 16:41:45 GMT
server: Apache
date: Wed, 26 Aug 2020 10:09:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Wed, 26 Aug 2020 04:04:17 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE379
x-nyt-route: payflow
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 manage_billing.bundle.5c835e4ef37b114a351e.js Show response
myaccount.nytimes.com/get-started/js/dest/ 2 MB
2 MB 95ms
93ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

1db7aef60f38a0a45d5d361401f44c27d2042cecfdce4c3a75be6de2e2ad9b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 296
x-cache: HIT
status: 200
content-length: 1793656
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
last-modified: Mon, 24 Aug 2020 16:41:45 GMT
server: Apache
date: Wed, 26 Aug 2020 10:09:15 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Wed, 26 Aug 2020 06:21:58 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE380
x-nyt-route: payflow
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 179 KB
44 KB 79ms
68ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/json-kidd.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 578912d7b4bb2963706fea0f06ec25c4fa8b1c6df674d9515b66a6a8de5b13f9

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v1pasg==, md5=Tz6MyHaLaUIsqSd75KXAhA==
date: Wed, 26 Aug 2020 10:09:15 GMT
content-encoding: gzip
age: 76916
x-guploader-uploadid: AAANsUnJpWwCl_21GvHfOsl0Xhv-JWQ3_xZSqxqnK8gqfwFkvA3utu5RMCYU-omNmcUiGAQqVl3abB5yz3u15kIytvk
x-cache: HIT
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 44547
via: 1.1 varnish
x-served-by: cache-fra19131-FRA
accept-ranges: bytes
expires: Sat, 15 Aug 2020 12:45:52 GMT
last-modified: Thu, 26 Mar 2020 18:56:12 GMT
server: UploadServer
x-timer: S1598436556.941709,VS0,VE0
etag: "4f3e8cc8768b69422ca9277be4a5c084"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1585248972379635
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 183751
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 41

GET
H2 401 manage-billing-profile
myaccount.nytimes.com/svc/get-started/api/v1/user/ 84 B
237 B 434ms
434ms Fetch
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/svc/get-started/api/v1/user/manage-billing-profile?country=PL

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Authorization: Cookie
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
x-cache: MISS
status: 401
content-length: 84
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
pragma: no-cache
server: Apache
date: Wed, 26 Aug 2020 10:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-datadome-timer: (null),VE394
x-nyt-route: payflow
accept-ranges: bytes, bytes
x-cache-hits: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 200ms
61ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=myaccount.nytimes.com&source=checkoutjs&t=xo&v=4.0.299

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IDJd8B92ZmJibRwnIeJXIvHLDHrC2H3AAmNet8f1LUmG22S4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IDJd8B92ZmJibRwnIeJXIvHLDHrC2H3AAmNet8f1LUmG22S4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Wed, 26 Aug 2020 10:09:16 GMT
paypal-debug-id: 2a607224d12c9
strict-transport-security: max-age=63072000
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block

GET
H2 200 nyt-credit-card-encryption.min.js Show response
myaccount.nytimes.com/get-started/pt/ 2 KB
2 KB 41ms
40ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/pt/nyt-credit-card-encryption.min.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

02312e249161c77e7ff92d4660352937aa7b7a69b4af0660a631874f32ce8a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 296
x-cache: HIT
status: 200
content-length: 1904
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
last-modified: Mon, 24 Aug 2020 16:41:48 GMT
server: Apache
date: Wed, 26 Aug 2020 10:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Wed, 26 Aug 2020 03:32:20 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE368
x-nyt-route: payflow
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK worldpay-cse-1.latest.min.js
payments.worldpay.com/resources/cse/js/ 36 KB
36 KB 280ms
64ms Script
application/x-javascript 195.35.90.82
ASWORLDPAY

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.worldpay.com/resources/cse/js/worldpay-cse-1.latest.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.35.90.82 Chingford, United Kingdom, ASN15768 (ASWORLDPAY, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 10:09:16 GMT
Last-Modified: Tue, 01 Oct 2019 12:46:44 GMT
Server
ETag: "8ec6-593d8bea11500"
Content-Language: en
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Keep-Alive: timeout=5, max=100
Content-Length: 36550

GET
H2 200 nyt-logo-379x64.svg
myaccount.nytimes.com/img/ 12 KB
3 KB 145ms
144ms Image
image/svg+xml 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.nytimes.com/img/nyt-logo-379x64.svg

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

4a511c4796d88e55087f07c1c25c36106b72c81619757b72bc3f0a46eff13577

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: myacc-cf-cache
date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: gzip
x-api-version: F-legacy-myaccount
age: 0
x-cache: HIT
status: 200
content-length: 3240
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
last-modified: Wed, 26 Aug 2020 02:05:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 google, 1.1 varnish
expires: Wed, 26 Aug 2020 06:26:59 GMT
cache-control: max-age=600
x-datadome-timer: (null),VE111
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 871 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af0e1d602b67bc5d650cf54cf03c737de6bf1cd46e5c7d06a67adf867f0d8cfb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 128ms
39ms Font
application/font-woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Wed, 26 Aug 2020 10:09:16 GMT
via: 1.1 varnish
age: 13528726
x-guploader-uploadid: AEnB2UpO5TX5AT7jtL2d1_4m18JkfbrKZ1Hs7xdI5rqbOgj57e6K0VRKbCiKfDgXGHBJUYw4aXjhPk16QA6f4WaN3vfZ84eDIYyu2u1Y-r72FdGx8C0wSW0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Sat, 23 Mar 2019 20:10:33 GMT
last-modified: Thu, 15 Mar 2018 18:06:30 GMT
server: UploadServer
x-timer: S1598436556.484912,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1521137190100657
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/font-woff
x-cache-hits: 107

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 174ms
86ms Font
application/font-woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Wed, 26 Aug 2020 10:09:16 GMT
via: 1.1 varnish
age: 13528708
x-guploader-uploadid: AEnB2UrN5FY4-7SAwoJ5hZcTi8oCWzQOBNhFAC8R9C8gNEyeV2uvjBbyjOsaGz-TNyPpB7UAgId3yBiA04v7OuTKuchFOb5WfA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Sat, 23 Mar 2019 20:10:33 GMT
last-modified: Thu, 15 Mar 2018 18:06:30 GMT
server: UploadServer
x-timer: S1598436556.485143,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1521137190240390
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/font-woff
x-cache-hits: 146

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 30 KB
31 KB 153ms
65ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Wed, 26 Aug 2020 10:09:16 GMT
via: 1.1 varnish
age: 270560
x-guploader-uploadid: AAANsUmeHzMJgtggMmhsFCYwmzn6g7yksbanCUn4gPrqbh1UmH4L4JwQdy0SNjp04UrE3Ta8cJmHdSvmiTrj8nfGCDI736scKw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Mon, 23 Aug 2021 06:59:55 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1598436556.485111,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620942592
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 39

GET getkey.js
safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/ 0
0

GET encryption.js
safetechpageencryption.chasepaymentech.com/pie/v1/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
68 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQS5DX3&gtm_auth=BxlVOowD_jvqTyNZ6sqMEA&gtm_preview=env-5&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5669a24d946ee55b952ae26172e71e9d827d610f7744f856d17647662e3bb78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: br
vary: *
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69613
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 984 B
1 KB 160ms
139ms XHR
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ef46f4b8aa629056503a1ae4aaa6f8d82a39f7184eafd3861530792bb714cba1

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 6c7643b86c3b20c80b838111fc637d1f
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 521
expires: Wed, 26 Aug 2020 10:09:16 GMT

GET ts
t.paypal.com/ 0
0

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
106ms Other
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQS5DX3&gtm_auth=BxlVOowD_jvqTyNZ6sqMEA&gtm_preview=env-5&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5735
date: Wed, 26 Aug 2020 08:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 26 Aug 2020 10:33:41 GMT

GET /
et.nytimes.com/ 0
0

GET
H2 200 tag.js
lptag.liveperson.net/tag/ 18 KB
7 KB 157ms
44ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 07:47:45 GMT
server: ws
etag: "5b7bc3a1-198d"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 6541

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=890990940&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&dr=&dp=%2Fget-started%3Fproduct%3Dunknown%26m...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_gid=605648646.1598436557&gjid=600473445&_v=j83&z=1048565563
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563&slf_rd=1&random=887397751

42 B
106 B

20ms
20ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563&slf_rd=1&random=887397751

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Aug 2020 10:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Aug 2020 10:09:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-1&cid=1062932271.1598436557&jid=605338738&_v=j83&z=1048565563&slf_rd=1&random=887397751
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request login Show response
myaccount.nytimes.com/auth/ 3 KB
2 KB 158ms
157ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.5c835e4ef37b114a351e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

84ec5bd08852f080b44f29847dca1b0c1fdf01fd8bb269b853cd7d072f9620f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8

Response headers

status: 200
content-type: text/html; charset=utf-8
x-powered-by: Express
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
resp-details: [[it:lui]]
x-nyt-backend: lire-ui
x-frame-options: DENY
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
etag: W/"d7e-J/cQb7uDOHoNKkdBp5gDju4lHI0"
content-encoding: gzip
x-cloud-trace-context: 127746fb9797ee89120417a4e02ee04c
server: Google Frontend
x-datadome-timer: (null),VE117
accept-ranges: bytes bytes
age: 0 0
date: Wed, 26 Aug 2020 10:09:16 GMT
via: 1.1 varnish
x-served-by: cache-fra19131-FRA
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-nyt-route: legacy-myaccount
x-api-version: F-X

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 350ms
251ms Other
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/xoplatform/logger/api/logger
Protocol: H2
Server: 104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://myaccount.nytimes.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://myaccount.nytimes.com

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET .jsonp
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 0
0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 246ms
245ms Other
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/xoplatform/logger/api/logger
Protocol: H2
Server: 104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://myaccount.nytimes.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://myaccount.nytimes.com

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ 2 KB
1 KB 41ms
41ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: gzip
x-api-version: F-X
age: 151
x-cache: HIT
status: 200
content-length: 1252
x-served-by: cache-fra19131-FRA
expires: Wed, 19 Aug 2020 16:38:43 GMT
server: Google Frontend
etag: "f0_AOw"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: ed068086e0f49418b279e4ec6f90c2be;o=1
cache-control: public, max-age=600
x-datadome-timer: (null),VE137
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 4

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ 393 KB
131 KB 42ms
41ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=a616ace
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a6254eadd1e1dfc538fafddcc633353fbb52e8e01432cfbe799eb1d796b222ad

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:16 GMT
content-encoding: gzip
x-api-version: F-X
age: 437
x-cache: HIT
status: 200
content-length: 134120
x-served-by: cache-fra19131-FRA
expires: Wed, 19 Aug 2020 16:37:28 GMT
server: Google Frontend
etag: "f0_AOw"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: e64e5898a2eb03601832b5acb8e69825
cache-control: public, max-age=600
x-datadome-timer: (null),VE176
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 6

GET
H2 200 tags.js Show response
dd.nytimes.com/ 222 KB
33 KB 35ms
14ms Script
text/javascript 2600:9000:2182:1a00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:1a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b01f85577f7d30d8d6693c887e9f03dc16f60e37c515aeed9347d9806633998c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "376ac-5ac2215dc799a-gzip"
age: 3333
x-cache: Hit from cloudfront
status: 200
content-length: 33714
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 14:21:19 GMT
server: Apache
date: Wed, 26 Aug 2020 09:13:43 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: rxurerkA2R8JVuWrwBtjAKNE16_EMDf8HRvSmmmcaEqArrVUfK1_lQ==
expires: Wed, 26 Aug 2020 10:13:43 GMT

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 40ms
40ms Font
application/font-woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Wed, 26 Aug 2020 10:09:16 GMT
via: 1.1 varnish
age: 13528708
x-guploader-uploadid: AEnB2UrN5FY4-7SAwoJ5hZcTi8oCWzQOBNhFAC8R9C8gNEyeV2uvjBbyjOsaGz-TNyPpB7UAgId3yBiA04v7OuTKuchFOb5WfA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Sat, 23 Mar 2019 20:10:33 GMT
last-modified: Thu, 15 Mar 2018 18:06:30 GMT
server: UploadServer
x-timer: S1598436557.979328,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1521137190240390
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/font-woff
x-cache-hits: 147

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Other
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 968 B
1 KB 150ms
130ms Fetch
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Flogin%3Fresponse_type%3Dcookie%26client_id%3Dmngbill%26redirect_uri%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fmanage-billing%253FcampaignId%253D666L8
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: bdb876e9ec4840d99b0ed6af7d8083e54dd4c2030055c4954d2d561af47a895f

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:17 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 430a0c2672dbe34f8dd1be85838b5172
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 510
expires: Wed, 26 Aug 2020 10:09:17 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Other
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/2+Q/46 200 api.js Show response
www.google.com/recaptcha/ 733 B
670 B 17ms
16ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=a616ace

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

616cd042d8f9aa6eb922256dcc368c515223dd35732d137bbd0a77d9030d7a7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 466
x-xss-protection: 1; mode=block
expires: Wed, 26 Aug 2020 10:09:17 GMT

GET
H2 200 nyt-logo.svg
myaccount.nytimes.com/lire_ui/img/ 10 KB
5 KB 40ms
40ms Image
image/svg+xml 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.nytimes.com/lire_ui/img/nyt-logo.svg
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 10:09:17 GMT
content-encoding: gzip
x-api-version: F-X
age: 120
x-cache: HIT
status: 200
content-length: 4722
x-served-by: cache-fra19131-FRA
expires: Mon, 24 Aug 2020 17:43:04 GMT
server: Google Frontend
etag: "f0_AOw"
content-type: image/svg+xml
via: 1.1 varnish
x-cloud-trace-context: 4299a8a0562da597893b10529de8e774
cache-control: public, max-age=600
x-datadome-timer: (null),VE160
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 30 KB
31 KB 46ms
45ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Wed, 26 Aug 2020 10:09:17 GMT
via: 1.1 varnish
age: 270560
x-guploader-uploadid: AAANsUmeHzMJgtggMmhsFCYwmzn6g7yksbanCUn4gPrqbh1UmH4L4JwQdy0SNjp04UrE3Ta8cJmHdSvmiTrj8nfGCDI736scKw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Mon, 23 Aug 2021 06:59:55 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1598436557.103310,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620942592
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 40

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 40ms
39ms Font
application/font-woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Wed, 26 Aug 2020 10:09:17 GMT
via: 1.1 varnish
age: 13528726
x-guploader-uploadid: AEnB2UpO5TX5AT7jtL2d1_4m18JkfbrKZ1Hs7xdI5rqbOgj57e6K0VRKbCiKfDgXGHBJUYw4aXjhPk16QA6f4WaN3vfZ84eDIYyu2u1Y-r72FdGx8C0wSW0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Sat, 23 Mar 2019 20:10:33 GMT
last-modified: Thu, 15 Mar 2018 18:06:30 GMT
server: UploadServer
x-timer: S1598436557.103293,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1521137190100657
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/font-woff
x-cache-hits: 108

POST
H2 200 / Show response
dd.nytimes.com/js/ 2 B
331 B 53ms
29ms XHR
application/json 2600:9000:2182:1a00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:1a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Aug 2020 10:09:17 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 2
x-amz-cf-id: cI9tMC1KKe4NueqgoOKq28MhsVFhwbYQbBHl9PakLHDmhF4h2A9cDg==
expires: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/ 337 KB
132 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919ce225464d5e8d79944356fcaa74323a12f8fc847eec6c7a877f9e752f7fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 21:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Aug 2020 04:38:28 GMT
server: sffe
age: 131540
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135073
x-xss-protection: 0
expires: Tue, 24 Aug 2021 21:36:57 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=666L8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/2+Q/46 200 anchor
www.google.com/recaptcha/api2/ Frame 3606 0
0 25ms
25ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&badge=none&cb=h9fht81oudmb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gVTMPBGLX1GE1GWZn9GY8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&badge=none&cb=h9fht81oudmb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Aug 2020 10:09:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-gVTMPBGLX1GE1GWZn9GY8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9967
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 200 bframe
www.google.com/recaptcha/api2/ Frame A877 0
0 18ms
17ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=er76v4mzu8au

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WbcJzZZi2Uq2o/M8mS/qig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=er76v4mzu8au
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 Aug 2020 10:09:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-WbcJzZZi2Uq2o/M8mS/qig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: safetechpageencryption.chasepaymentech.com
URL: https://safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/getkey.js

Domain: safetechpageencryption.chasepaymentech.com
URL: https://safetechpageencryption.chasepaymentech.com/pie/v1/encryption.js

Domain: t.paypal.com
URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=New%20York%20Times%20Manage%20Billing&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1598436556551&g=-120&completeurl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D666L8&ru=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Domain: et.nytimes.com
URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%3Fproduct%3Dunknown%26mode%3Ddigi%26rate%3Dregular99%3D%2Fget-started%2Fmanage-billing%26hash%3D%26campaignId%3D666L8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&referrer=&clientTimeStamp=1598436556640&totalTime=0&gtm=GTM-TQS5DX3-51-Production&et2_pageview_id=UG02lJSoLtWk9u3va56iid3E&sourceApp=seg-pip&skipFilter=%5B%22content%22%5D&callback=NYTD.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22%22%2C%22CG%22%3A%22Digital%20Subscription%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%22%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A%22%22%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22%22%2C%22CT%22%3A%22%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A2%2C%22bh%22%3A12%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nytimes.com/	1970-01-19 20:46:12	Name: nyt-a Value: RlFd7KlBUxIwRq4rHxY9k0if

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
a.nytimes.com
a1.nyt.com
dd.nytimes.com
e.newyorktimes.com
et.nytimes.com
lptag.liveperson.net
myaccount.nytimes.com
payments.worldpay.com
safetechpageencryption.chasepaymentech.com
stats.g.doubleclick.net
t.paypal.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
et.nytimes.com
lptag.liveperson.net
safetechpageencryption.chasepaymentech.com
t.paypal.com
www.paypal.com
104.111.228.123
151.101.13.164
162.223.233.247
178.249.101.23
195.35.90.82
2600:9000:2182:1a00:a:a8c5:a040:93a1
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:809::2004
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2013
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9d
02312e249161c77e7ff92d4660352937aa7b7a69b4af0660a631874f32ce8a23
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1db7aef60f38a0a45d5d361401f44c27d2042cecfdce4c3a75be6de2e2ad9b59
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a511c4796d88e55087f07c1c25c36106b72c81619757b72bc3f0a46eff13577
51b074b4841b5139338dcf47dd8f3524568ac06145c2ee9361f6ba88c8fbf3dd
5669a24d946ee55b952ae26172e71e9d827d610f7744f856d17647662e3bb78b
578912d7b4bb2963706fea0f06ec25c4fa8b1c6df674d9515b66a6a8de5b13f9
616cd042d8f9aa6eb922256dcc368c515223dd35732d137bbd0a77d9030d7a7c
738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
84ec5bd08852f080b44f29847dca1b0c1fdf01fd8bb269b853cd7d072f9620f8
919ce225464d5e8d79944356fcaa74323a12f8fc847eec6c7a877f9e752f7fb9
a6254eadd1e1dfc538fafddcc633353fbb52e8e01432cfbe799eb1d796b222ad
af0e1d602b67bc5d650cf54cf03c737de6bf1cd46e5c7d06a67adf867f0d8cfb
b01f85577f7d30d8d6693c887e9f03dc16f60e37c515aeed9347d9806633998c
bdb876e9ec4840d99b0ed6af7d8083e54dd4c2030055c4954d2d561af47a895f
d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef46f4b8aa629056503a1ae4aaa6f8d82a39f7184eafd3861530792bb714cba1
f4286b35f136f307a65813bdc9b82c5cba8a96eb2fa1b73a469376bce609612b
f94796ac272393433aa673c47b2915f8d2727cecb8e58a8923f6cac12827fe85
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

myaccount.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

84 %HTTPS

64 %IPv6

13 Domains

19 Subdomains

12 IPs

5 Countries

2722 kBTransfer

3792 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

84 %
HTTPS

64 %
IPv6

13
Domains

19
Subdomains

12
IPs

5
Countries

2722 kB
Transfer

3792 kB
Size

1
Cookies

45 HTTP transactions
2 data transactions